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MCI  service  rollouts 
hit  variety  of  snags 


■  BY  DENISE  PAPPALARDO  AND 
CAROLYN  DUFFY  MARSAN 

MCI  customers  already  tested 
by  the  company’s  bankruptcy 
scandal  now  are  looking  at  signif¬ 
icant  delays  in  receiving  prom¬ 
ised  upgrades  that  cover  integrat¬ 
ed  VPN  and  VoIP  services. 

MCI  first  laid  out  its  Conver¬ 
gence  Networking  product  stra¬ 
tegy  about  a  year  ago.  In  that 
plan,  the  company  said  it  would 


introduce  new  Secure  Internet 
Gateway  services  and  offer  en¬ 
hancements  to  its  MCI  Advan¬ 
tage  VoIP  offerings. 

But  those  services  are  arriving 
six  to  12  months  later  than 
expected. 

“If  they  hang  the  market  with 
commitment  dates  and  then  don’t 
meet  those  dates,  they  run  the  risk 
of  damaging  customer  confi¬ 
dence,”  says  Bryan  Van  Dussen,  a 
See  MCI,  page  86 


Spotlight  on 
enhanced 
wireless  at 
GTIA  show 

■  BY  JIM  DUFFY  AND  DENISE 
PAPPALARDO 

Wireless  aficionados  will  con¬ 
vene  this  week  at  CT1A  Wireless 
2004  in  Atlanta  to  wrestle  with 
current  business  and  technol¬ 
ogy  issues.  Driving  this  climate  is 
the  realization  that  in  a  few  short 
years,  users  might  rely  on  their 
wireless  devices  as  their  primary 
communications  tools,  eclipsing 
the  number  of  wireline  phones 
and  computers  now  serving  that 
role. 

Carriers  are  preparing  by  un¬ 
veiling  a  slew  of  new  and 
enhanced  services  and  network 
upgrades  at  CTIA  Wireless. 

While  show  officials  declined 
See  CTIA,  page  16 
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Cisco  gives 
Catalyst 
al  OG  jolt 


■  BY  PHIL  HOCHMUTH 

Cisco  last  week  unveiled  the 
most  ambitious  upgrade  of  its 
Catalyst  switch  line  in  more  than 
a  year,  highlighted  by  the  indus¬ 
try’s  first  copper-based  10G 
Ethernet  switch  offering. 

The  $600-per-port  10G  Ethernet 
module  for  the  Catalyst  6500  is 


based  on  the  IEEE  10G-BaseCX4 
standard,  which  was  ratified  this 
month.  The  offering  is  designed 
to  link  backbone  switches  or 
server  clusters  in  data  centers  at 
a  fraction  of  the  cost  of  fiber-only 
technology. 

Cisco  announced  the  module, 
along  with  fiber-based  10G 

See  Cisco,  page  87 


A  Wider  Net 

Locker  room  to  boardroom 

Ex-NFL  star  and  U.S.  Rep.  Steve  Largent 
now  selling  cellular  to  corporate  America. 


■  BY  JIM  DUFFY 

Nothing  goes 
together  quite 
like  pro  football 
and  cell  phones. 

Just  ask  Joe  Horn, 
the  New  Orleans 
Saints  receiver 
whose  choreo¬ 
graphed  cell  call 
from  the  end  zone  after 
scoring  a  touchdown  in 
December  earned  him 
nationwide  notoriety  and 
a  $30,000  fine. 

Or  better  yet,  ask  Hall  of 
Famer  Steve  Largent,  whose 
career  has  taken  him  from 


being  one  of 
the  NFLs  lead¬ 
ing  receivers,  to 
a  seat  in  Con¬ 
gress,  to  the  top 
post  at  the 
Cellular  Telecom¬ 
munications  and 
Internet  Association 
(CTIA).  Largent  last 
fall  was  named  presi¬ 
dent  of  the  CTIA,  a  wireless 
industry  educational  and 
lobbying  organization  that 
holds  its  annual  conference 
this  week  in  Atlanta. 

See  Largent,  page  16 
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Mr.  5,000  Desktops 
Updated  with  the 
Latest  Engineering 
App  in  10  Minutes 


MOTOROLA 


Microsoft 

Your  potential.  Our  passion . " 

"We  performed  over  807,000  successful 
software  deployments  to  65,000 
desktops  in  2002  alone  and  saved 
over  247,000  administration  hours." 

Steven  Bramson 

Senior  Systems  Architect,  Motorola 


Microsoft  Windows  Server  System  makes  Motorola's 
infrastructure  easier  to  manage.  Here's  how:  using 
Microsoft  Systems  Management  Server  and  SQL  Server, 
powered  by  Windows  Server,  Motorola  conducts  system 
inventory  of  their  65,000  desktops  from  one  location, 
identifies  necessary  system  updates,  then  deploys  those 
applications  across  the  enterprise  automatically.  It's 
software  that  helps  you  do  more  with  less.  Get  the  full 
Motorola  story  and  a  hands-on  management  tool  at 
microsoft.com/wssystem 


Windows  Server  System™  includes  these  products: 


Server  OS  Windows  Server”'* 


Operations  Infrastructure 

Systems  Management  Server 

Application  Center 

Operations  Manager 

Internet  Security  &  Acceleration  Server 

Windows*  Storage  Server 

Application  Infrastructure 

SQL  Server™ 

BizTalk*  Server 

Commerce  Server 

Content  Management  Server 

Host  Integration  Server 

Information  Work  Infrastructure  Exchange  Server 


Office  SharePoint"  Portal  Server 
Office  Live  Communications  Server 
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Make  a  name  for  yourself 
with  Windows  Server  System. 
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These  days,  no  network  is  free  of  threats.  That’s  why  you  have  to  assign  network  security  privileges  to  everyone.  Employees,  customers, 
and  partners.  You  need  to  set  an  acceptable  use  policy  that  dictates  what  each  of  them  can  and  can’t  access.  Until  now,  you  had  to  do 
this  manually. 

!Not  anymore.  Now  you  can  do  what  Baylor  University  did.  Implement  an  Enterasys  Secure  Networks™  solution  with  a  unique,  policy- 
based  system  that  empowers  the  network  to  allocate  resources  based  on  specific  users  and  their  roles.  The  network  “sees”  who  the  user 
is  and  assigns  privileges  accordingly.  This  improved  control  also  gives  you  more  security. 

It  s  all  about  giving  you  a  smarter  way  to  network  with  central,  intuitive  management.  Find  out  more  at  networksthatknow.com/Baylor. 
<  >r  ask  any  one  of  the  many  enterprise  customers  we’ve  worked  with  for  years. 
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10  Microsoft’s  delivery  of  patch  tools  slips  again. 

10  Microsoft  offers  peek  at  future  management  software. 

12  VoIP  is  in  the  air  at  Spring  VON  event. 

12  PeopleSoft  packages  CRM  for  variety  of  vertical  industries. 

1 12  HP  singles  out  SMB  market  with  new  services. 

14  Standards  setters,  vendors  aim  to  give  voice  to  the  Web. 
14  SysDM  rolls  out  back-up  software. 

18  Network  industry  campaign  contributions  down. 

86  Survey:  user  annoyance  grows  along  with  spam. 

87  Cisco  issues  security  warning. 


Infrastructure 

■  19  Avaya  CEO  talks  VoIP  issues. 


Technology 

Update 


Spam-busters: 

Is  spam  a  problem  that  can  be  solved  by 
technology  or  by  tougher  laws?  We 
up  with  four  spam  fighters  at  a 
recent  conference  at  MIT  and 
discovered  there  are  strong 
opinions  on  both  sides  of 
the  issue.  Page  69. 
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CLEAR  CHOICE 


HP  ProCurve  2800 


The  HP  2824  and  2848  are  aggressively  priced  rack-mountable 
switches,  but  the  trade-off  is  less-than-ideal  performance.  Page  72. 
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recovery  tools. 
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parties  can  simplify  patch  process. 
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catch  on. 
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cards. 

■  25  Videoconferencing  vendors 
embrace  H.350. 
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■  26  Scott  Bradner:  Looking 
for  the  dumb  ones. 
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■  27  Infonet  beefs  up  remote 
access  services. 

■  27  Nortel  targets  CDMA  450 
market. 

■  28  Johna  Till  Johnson: 

The  solution  to  'offshoring'  problem: 
Innovation. 


■  63  VoiceXML  lets  you  talk  to 
computers. 
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Style  Sheets  (6):  The  bitter  end. 

■  64  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 

Opinions 

■  66  Editorial:  Regulation:  A 
sticky  wicket  for  VoIP. 

■  67  Chuck  Yoke:  IT  philoso¬ 
phy:  Do  no  harm. 
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■  74  IT  execs  tackle  to-do  lists: 
Loosening  purse  strings  and  afford¬ 
able  technology  allow  delayed  agen¬ 
das  to  get  addressed. 


The  New  Data  Center:  Rethinking  networked  IT 


In  this  second  of  a  six-part  series,  we  spotlight  security  chal¬ 
lenges,  explore  the  latest  thinking  on  autonomic  computing  and 
take  a  glimpse  at  one  user’s  development  of  a  new  data  center 
architecture.  In  a  supplement  beginning  after  page  30. 
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|  Exclusive 

Case  studies:  Network  management 

Come  online  for  five  articles  spotlighting  enterprise  network  managers' 
innovative  use  of  management  products  to  automate  processes,  prevent 
outages  and  save  money. 

DocFinder:  1133 

Wireless  LAN  Buyer’s  Guide 

We've  compiled  the  largest  Buyer's  Guide  ever  on  wireless  LAN  equip¬ 
ment.  Whether  you're  looking  for  an  access  point  or  PC  Card,  or  trying 
to  decide  between  802.11a,  b  and  g,  take  a  look  at  the  information  that 
vendors  have  provided  us. 

DocFinder:  1238 

Layer  8:  Caption  contest 

See  who  won  last  week's  caption  contest  and  enter  this  week's  at  Fusion's 
not-just-networking  Web  log.  Take  a  chance  at  glory  —  and  a  free  prize. 

DocFinder:  9652 

Seminars  and  events 


Messaging:  From  chaos  to  control 

Messaging  is  in  crisis.  Ever-escalating  e-mail  assaults  now  threaten  core 
competencies  of  even  the  most  sophisticated  corporations.  It's  time  for 
better,  more  aggressive  answers  that  again  make  messaging  a  corpo¬ 
rate-safe  application.  Industry  expert  and  Network  World  columnist  Mark 
Gibbs  will  present  the  latest  demos  and  new  tools. 

DocFinder  9876 
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Columnists 

Wireless  Wizards 

Calculating  bandwidth  per  app  for  access  point  coverage 
The  Wizards  help  out  a  user  who  wants  to  know  the  best  way  to 
calculate  the  amount  of  bandwidth  enterprise  applications  will 
need  for  each  access  point.  DocFinder  1240 

Telework  Beat 

Two  states,  two  incentive  bills 

Net.Worker  Managing  Editor  Toni  Kistncr  examines  Georgia's 
and  Maryland's  different  tacks  on  telework  legislation. 

DocFinder  1241 

Small  Business  Tech 

Escape  from  Verizon 

Columnist  James  Gaskin  on  how  wireless  broadband  saves  the 
day  for  one  small  business.  DocFinder  1242 

|  Interactive 

Tester's  Challenge:  Patch  those  holes 

Network  World  Lab  Alliance  member  Rodney  Thayer  challenges 
vendors  to  develop  a  uniform  way  to  let  users  quickly  find  and 
apply  security  patches.  Is  he  right?  Share  your  thoughts  in  our 
forum.  DocFinder  1239 

Breaking  News 

Go  online  for  breaking  news  every  day.  DocFinder  6342 
Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics 

DocFinder:  6343 

What  is  DocFinder? 

We've  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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Good  Bad  Ugly 


<§>  Driven  to  save.  DaimlerChrysler  isn't  exactly  in  the  business  of  discouraging 
travel,  but  the  company  knows  the  value  of  eliminating  unnecessary  trips.  CIO  Sue 
Unger  last  week  told  attendees  at  a  sister  event  to  the  big  Cebit  show  in  Germany 
that  the  company  has  saved  as  much  as  $14  million  per  year  in  travel  and  related 
expenses  by  using  videoconferencing  to  conduct  100-plus  meetings  per  day  among 
its  362,000  employees. 


Judge  unplugs  federal  Web  sites  -  again 


^  Pirate  nation.  Stanford  Law  School  Professor  Lawrence  Lessig  last  week 
took  "IP  extremists"  to  task  for  their  restrictive  views  on  intellectual  property  usage 
in  an  online  world,  and  helped  explain  the  urge  of  so  many  in  the  IT  industry 
to  loosen  intellectual  property  rules:  "We  were  born  a  pirate  nation." 


■  For  the  third  time  since  2001,  a  federal  judge  has  ordered  the  U.S. 
Interior  Department  to  shut  down  most  of  its  Internet  access  and 
public  Web  sites  as  part  of  a  case  involving  the  departments  failure 
to  secure  data  about  potentially  millions  of  dollars  owed  to  Native 
Americans  for  grazing,  energy  and  mineral  royalties.  U.S.  District 
Judge  Royce  Lamberths  decision  covers  computer  connections 
and  Web  sites  in  the  Inspector  Generals  Office,  the  Minerals 
Management  Service,  the  Bureau  of  Land  Management,  the  Bureau 
of  Reclamation,  the  Fish  and  Wildlife  Service,  the  Office  of  the 
Special  Trustee,  the  Bureau  of  Indian  Affairs,  the  Office  of  Surface 
Mining  and  the  National  Business  Center.  In  the  past,  Interior’s 
Internet  shutdowns  have  made  it  difficult  for  people  to  get  online 
information  about  national  parks  and  monuments,  and  for  depart¬ 
mental  offices  to  communicate  with  each  other. 

European  Commission,  Microsoft  reach  impasse 

■  The  European  Commission’s  competition  talks  with  Microsoft  have  collapsed, 
European  Competition  Commissioner  Mario  Monti  said  last  week.  In  a  statement  read  to 
journalists,  Monti  said  that  despite  Microsoft’s  strenuous  efforts  to  meet  the  European 
Commission’s  concerns,  a  settlement  of  the  case  “has  not  been  possible. Therefore  we  will 
propose  [on  March  24]  that  the  Commission  adopts  a  decision.” Monti  added  that  a  prece¬ 
dent-setting  legal  ruling  is  in  the  best  interest  of  consumers  and  competition. This  week’s 
ruling  is  expected  to  demand  that  the  company  sell  two  versions  of  Windows  to  PC  man¬ 
ufacturers  in  Europe:  one  with  Media  Player  and  one  without.This  remedy  is  intended  to 
restore  fair  competition  in  the  market  for  audio  and  video  playing  software. The  commis¬ 
sion  also  is  expected  to  force  Microsoft  to  share  more  Windows  code.  Microsoft  has 
promised  to  appeal  the  ruling. 

HP  shareholders  want  options  expensed 

■  A  revolt  by  shareholders  at  HP’s  annual  meeting  last  week  could  push  the  company  to 
become  one  of  the  first  in  the  high-tech  industry  to  change  its  accounting  to  reflect  the 


“If  you  think  this  is  funny  wait  until  you 
see  where  the  other  leads  are  wired  into.” 


Layer 


Michael  Hoddy  of  Hertfordshire,  England,  has  been 
declared  the  funniest  man  on  the  planet  as  author 
of  the  above,  and  the  winner  of  our  weekly  caption 
contest.  Head  over  to  Layer  8  to  check  out  this 
week's  contest  If  you  win,  we'll  send  you  the  best 
prize  we  can  steal  out  of  the  marketing  closet. 
www.nwfusion.com/weblogs/layer8/ 


Math  problems.  Nortel  last  week  asked  its  CFO  and  controller  to  take 
an  unplanned  vacation  while  the  company  completes  an  internal  audit  to  determine 
its  real  financial  results  for  2003,  Separately,  Veritas  Software  is  revising  its  financial 
statements  for  2003  and  restating  its  revenues  for  2001  and  2002,  after  an  internal 


cost  of  stock-option  grants.  Over  management  objections,  HP  shareholders  narrowly 
passed  a  shareholder-initiated  proposal  requesting  that  HP’s  board  establish  a  policy  of 
expensing  options  in  the  company’s  annual  income  statement.  About  1.2  billion  shares 
were  voted  in  favor  of  the  resolution,  while  921  million  were  voted  against  it.The  issue  has 
attracted  the  attention  of  investors  in  the  past  few  years  and  become  a  cause  celebre  for 
some  corporate-governance  watchdogs  concerned  about  extensive  options  grants  and 
the  sometimes  hidden  nature  of  options’  cost.Technology  companies  frequently  use  stock 
options  to  motivate  employees  and  executives,  and  generally  have  resisted  calls  to  record 
option  costs  as  an  expense  in  their  financial  statements. 


Google  brings  search  closer  to  home 

■  Google  last  week  announced  it  has  launched  a  beta  version  of  a  service  that  lets  users 
conduct  Internet  searches  with  geographical  parameters,  letting  them  query  Google,  for 
example,  for  restaurants  in  and  around  a  particular  city  or  zip  code.  Called  Google  Local, 
the  service  returns  business  listings,  maps,  driving  directions, street  addresses,  phone  num¬ 
bers  and  related  Web  pages.The  results  can  be  narrowed  down  to  1  mile  of  the  specified 
geographical  reference  chosen  by  the  user  or  expanded  out  to  a  45-mile  radius.  Google 
Local  currently  searches  locations  in  the  U.S.,but  the  company  plans  to  expand  it  to  inter¬ 
national  markets  in  the  coming  months. 

3Gom's  losses  widen 

■  3Com  last  week  reported  a  net  loss  of  $86  million  in  its  third  fiscal  quarter, a  21%  decline 
in  sales  from  the  same  quarter  last  year. The  network  equipment  maker’s  loss  for  its  third 
fiscal  quarter  was  about  $6  million  more  than  the  same  quarter  a  year  ago.  Sales  were 
down  about  5%  from  the  previous  quarter,  although  3Com’s  losses  in  the  previous  quarter 
were  greater,  at  $138.9  million.  3Com  also  reported  a  $40  million  restructuring  charge  dur¬ 
ing  the  quarter.  Its  workforce  was  about  2,100  at  the  end  of  the  third  quarter,  down  from 
approximately  2,900  from  the  previous  quarter.The  company  also  closed  a  manufacturing 
plant  in  Dublin,  Ireland, moving  the  production  to  an  outsourcer.  A  bright  spot  for  the  firm 
was  10%  sequential  growth  in  its  Wi-Fi, VoIP  and  security  product  lines. 


IBM  Express  Middleware:  Designed 
and  developed  for  midsize  companies. 

(IBM  muscle  for  less  moolah.) 


MIDDLEWARE  IS  POWERFUL  IBM  SOFTWARE.  The  kind  of  software  that  makes  your  applications  work  better  to  solve 
your  business  problems.  It’s  an  answer.  It’s  IBM  DB2?  Lotus?  Tivoli®  and  WebSphere®  And  in  the  form  of  IBM  Express  Middleware, 
it’s  now  more  accessible  than  ever  for  midsize  businesses. 

IBM  Express  Middleware  is  engineered  to  work  with  your  existing  business  applications  whether  they  run  on  Windows?  Linux® 
or  UNIX®  It’s  engineered  to  be  deployed  by  those  without  computer  science  degrees.  It’s  priced  to  put  a  smile  on  Accounting’s 
face.  It’s  nimble.  Quick.  Flexible. 

Your  technology  will  work  harder  to  meet  the  demands  of  your  customers,  your  business  goals  and  your  industry’s  needs.  It  makes 
your  business  more  responsive  to  the  unforeseen.  Of  course,  all  of  this  is  easy  to  implement,  easy  to  install,  simple  to  maintain.  You 
need  to  learn  more.  To  find  an  IBM  Business  Partner  in  your  area,  visit  ibm.com/software/express 


IBM.  DB2.  Lotus.  Tivoli  and  WebSphere  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Unux  is  a  registered  trademark  of  Linus  Torvalds.  Windows  is 
a  registered  trademark  ol  Microsoft  Corporation  in  the  United  States  and/or  other  countries  UNIX  is  a  registered  trademark  of  The  Open  Group  in  the  United  States  and/or  other  countries  ©  2004  IBM  Corporation  All  rights  reserved 
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Microsoft’s  delivery  of  patch  tools  slips  again 


■  BY  JOHN  FONTANA 

LAS  VEGAS  —  Corporate  cus¬ 
tomers  who  anticipate  the  spring¬ 
time  release  of  upgrades  to 
Microsoft’s  no-cost  patch  man¬ 
agement  software  have  some  dis¬ 
appointment  ahead:  They  will  not 
only  have  to  wait  till  later  in  the 
year  but  also  might  have  to 
upgrade  their  systems  to  use  it. 

At  its  annual  Management  Sum¬ 
mit  last  week,  Microsoft  renamed 
its  Software  Update  Services 
(SUS)  2.0  to  Windows  Update  Ser¬ 
vices  (WUS)  and  said  the  ship 
date  could  slip  by  up  to  seven 
months.  WUS  is  a  free,  server- 
based  application  for  download¬ 
ing  and  deploying  patches. 

Last  November,  Microsoft  prom¬ 
ised  a  May  ship  date  for  its  new 
patch  technologies,  including 
WUS,  new  installers  and  one  Web 
site  to  download  patches. 

Many  were  expecting  the  first 
beta  of  SUS  2.0  last  week  after 


the  delay”  says  John  Mercer, 
senior  technical  analyst  with 
General  Mills  in  Minneapolis. 
Mercer,  who  runs  SUS  1.0  and  Mi¬ 
crosoft’s  licensed  patch  and  con¬ 
figuration  management  platform 
Systems  Management  Server 
2003,  says  he  is  eagerly  anticipat¬ 
ing  new  deployment  controls 
within  WUS. 

“WUS  hits  a  good  percentage  of 
our  machines,  and  it  is  easier  to 
manage.  SMS  takes  a  lot  more 
configuration  to  make  it  work 
right,”  he  says. 

WUS  is  fostering  other 
considerations. 

“My  concern  is  you  have  to 
have  your  machines  at  a  certain 
state,  which  is  Windows  2000  SP 
4,”  says  Coby  Gurr,  network  engi¬ 
neer  for  the  Utah  Army  National 
Guard.  “1  don’t  have  all  my  sys¬ 
tems  at  that  level.”  He  also  noted 
lack  of  support  for  Windows  NT  4, 
a  product  that  will  lose  security 
hot-fix 
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already  experiencing  two  delays, 
but  Microsoft  only  gave  them  a 
name  change  and  provided  just 
50  to  60  customers  with  preview 
software.  A  public  beta  now  is  slat¬ 
ed  for  this  summer. 

The  WUS  server  component  will 
only  support  machines  running 
Windows  2000  Service  Pack  4  or 
higher;  Windows  Server  2003; 
Internet  Information  Services  5.5 
and  higher;  and  SQL  Server  2000 
SP  3  and  higher,  SQL  Server  2003 
or  SQL  Server  Desktop  Engine 
2000.  The  WUS  client,  which  is 
needed  to  communicate  to  the 
server,  supports  Windows  2000 
Server  and  Professional  SP4  and 
higher,  Windows  Server  2003  and 
Windows  XPAnd  while  WUS  will 
add  support  for  Exchange,  SQL 
Server  and  Office  patches,  the  ini¬ 
tial  support  only  includes  current 
versions  of  those  applications. 
Older  versions  will  be  added  by 
the  end  of  the  year,  Microsoft  said. 
On  the  operating  system  side,  it 
supports  patches  for  Windows 
2000  Server  and  Professional  SP  3 
or  higher,  Windows  Server  2003 
and  Windows  XP 

“1  was  a  bit  disappointed  with 


support  on  Dec.  31. 

Microsoft  has  heard  all  the  com¬ 
plaints,  but  while  the  company 
scrambles  to  release  new  tools,  it 
wants  to  ensure  they  are  part  of 
one  set  of  technologies  that  will 
foster  a  consistency  among  its 
patch  management  tools  that 
does  not  exist  today 

In  the  future,  WUS  is  expected 
to  become  a  part  of  the  Win¬ 
dows  operating  system,  likely 
with  the  Longhorn  server  ver¬ 
sion  expected  to  ship  in  2007. 

“The  way  we  want  to  build  it  is 
you  have  Windows  Server,  which 
is  the  core  infrastructure  and  is 
the  thing  that  deploys,  scans  and 
checks  and  makes  sure  every¬ 
thing  happened,”  says  Steve 
Anderson,  director  of  Windows 
server  marketing  for  Microsoft. 

The  forthcoming  version  of 
WUS  also  will  include  an  API  that 
will  let  third-party  management 
and  patch  tools  plug  into  that 
engine  so  patch  deployment  is 
consistent  regardless  of  other 
tools  that  might  be  used. 

In  2006,  Microsoft  says  it  will 
integrate  WUS  directly  into  SMS, 
making  it  the  deployment  engine 


for  the  licensed  product.That  will 
let  corporations  run  a  combina¬ 
tion  of  WUS  and  SMS  without 
some  of  the  inconsistencies  that 
plague  users  today.  And  it  will  let 
users  run  other  management  soft¬ 
ware  to  patch  Windows  systems 
without  having  to  deploy  SMS. 

The  two  most  notable  inconsis¬ 
tencies  today  are  the  separate 
scanning  engines  in  Microsoft 
Baseline  Security  Analyzer 
(MBSA)  and  HFNetChk  that  often 
deliver  differing  results  on 
whether  a  patch  is  installed  or 
not,  and  different  technologies  for 
cataloging  patches,  updates  and 
service  packs  in  WUS  and  SMS. 

Microsoft  is  developing  a  scan¬ 
ning  engine  that  will  be  in  WUS 
to  replace  the  engines  it  now 
licenses  from  Shavlik  Tech¬ 
nologies  for  MBSA  and  HFNet¬ 
Chk.  The  WUS  scanning  will  be 
used  in  MBSA  2.0,  which  will 
ship  when  WUS  does.  Microsoft 
also  is  developing  one  catalog 
technology  for  use  in  both  WUS 
and  SMS. 

That  comes  on  top  of  already 
announced  plans  to  reduce  the 
number  of  patch  installers  from 
eight  to  two  and  to  consolidate 
existing  sites  into  one  site  on  the 
Internet  to  download  patches. 

That  site  will  put  one  interface 
on  Windows  Update,  which  today 
provides  Windows  patches  for 
consumers  and  businesses,  and 
the  forthcoming  Microsoft  Up¬ 
date,  which  will  provide  all  other 
product  patches  for  customers 
that  opt  into  the  service. 

Microsoft  also  is  contemplating 
developing  a  simplified  version 
of  SMS  that  could  plug  into  the 
patch  deployment  capabilities 
being  built  into  Windows.  It 
would  be  comparable  to  the  Mi¬ 
crosoft  Operations  Manager  Ex¬ 
press,  which  was  introduced  last 
week  and  forces  limits  on  the 
scope  of  its  use. 

The  idea  of  getting  SMS  in  wide¬ 
spread  use  is  being  pushed  by 
some  observers. 

“Microsoft  should  almost  give 
away  SMS,”  says  Peter  Pawlak,  an 
analyst  with  Directions  on  Micro¬ 
soft,  an  independent  research 
firm.Ut  is  in  Microsoft’s  best  inter¬ 
est  to  get  everyone  up  on  the  cur¬ 
rent  patches  and  to  help  roll  out 
new  versions  of  products.”  ■ 


■  See  related  Microsoft 
story.  PAGE  25 
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Get  a  patch 

Microsoft’s  patch  management  tools  won’t  make  it  out 
this  May  as  promised,  but  the  company’s  free  deploy¬ 
ment  tool  called  Windows  Update  Services  went  into 
beta  last  week  and  has  undergone  an  overhaul  to  answer 
user  complaints. 


Product:  Windows  Update  Services 
Former  name:  Software  Update  Services  2.0 

Description:  Server  that  sits  within  corporate  firewall  and 
downloads  patches  from  Microsoft  Web  site  and  deploys  those 
patches. 

Cost:  Free 

improvements:  In  addition  to  Windows,  now  will  include  patches 
for  current  versions  of  Exchange,  SQL  Server  and  Office  with  older 
version  support  promised  by  year-end;  patches  can  be  targeted  at 
certain  groups  of  machines  for  deployment;  simple  reporting  engine 
to  verify  download,  and  installation  of  patches  and  reboots  of 
machines. 

New  features:  WUS  includes  a  Microsoft-developed  scanner 
designed  to  eliminate  inconsistencies  between  current  tools  — 
MBSA  and  HFNetChk.  Catalog  technology,  which  lists  patches, 
updates  and  service  packs,  will  be  common  in  WUS  and  System 
Management  Server  2003  Service  Pack  1.  API  will  let  third-party 
tools  tap  into  WUS. 

Coming  up:  In  2006,  WUS  is  scheduled  to  become  the  scanning 
engine  within  SMS. 
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Microsoft  offers  peek  at 
future  mgmt.  software 


■  BY  JOHN  FONTANA 

LAS  VEGAS  —  Microsoft  last 
week  offered  the  first  glimpse  of 
its  next-generation  management 
software  with  a  preview  of  a 
capacity-planning  tool  code- 
named  Indy. 

The  tool  lets  users  model  how 
applications  are  deployed,  in¬ 
cluding  server  location,  links 
between  those  servers  and  num¬ 
ber  of  users.  The  tool  then  pro¬ 
vides  a  simulation  of  the  results  if 
a  server  is  deployed  under  the 
prescribed  model. 

Indy  is  slated  to  be  delivered 
with  the  second  version  of  Sys¬ 
tem  Center,  a  management  tool 
that  will  combine  System  Man¬ 
agement  Server  (SMS),  Microsoft 
Operations  Manager  (MOM),  a 
data-warehousing  capability,  a 
tool  to  create  and  maintain  a 
desired  state  of  a  server,  and  Indy 

“This  is  an  area  of  the  industry 
that  has  been  overpromised  and 
underdelivered,”  said  Kirill  Tatar- 
inov,  Microsoft  corporate  vice 
president  of  the  enterprise  man¬ 
agement  division. 


No  delivery  date  has  been  set 
for  Indy  or  System  Center  Version 
2,  which  is  a  key  component  of 
Microsoft’s  ambitious  Dynamic 
System  Initiative  (DSI)-  DSI  is  a 
wide-ranging  management  plat¬ 
form  much  like  the  utility  com¬ 
puting  initiatives  from  the  likes  of 
HP  and  IBM. 

The  first  version  of  System  Cen¬ 
ter  is  due  out  this  year  and  will 
feature  a  common  interface  to 
link  MOM  and  SMS,  and  a  set  of 
reporting  services  that  will  draw 
information  from  the  two  man¬ 
agement  tools. 

But  Version  2  of  System  Center, 
which  Tatarinov  said  is  very  early 
in  development,  is  an  example  of 
the  sort  of  management  tools  that 
Microsoft  hopes  to  create  under 
DSI.  But  it  also  offers  the  first 
glimpse  into  the  likely  complex¬ 
ity  of  DSI. 

Indy  relies  on  data  from  DSPs 
System  Definition  Model,  which 
uses  XML-based  documents  as 
a  way  for  applications  to  com¬ 
municate  their  management 
and  operational  needs  to  the 
network.  ■ 


GO  BEYOND 

WITH  EXTREME  NETWORKS 


. 

Extreme  Networks  is  revolutionizing  the  networking  industry  with 
the  highest  performance  Layer  3  10/100/1000  fixed  configuration 
edge  switch,  with  the  industry's  first  and  only  modular  10  gigabit 
uplink  option.  The  Summit  400,  designed  for  enterprise  networks 
deploying  gigabit  to  the  desktop,  enables  customers  to  fearlessly 
deploy  Gigabit  Ethernet  to  the  edge  today,  and  have  the  added  peace 
of  mind  that  they  can  fully  performance-enable  their  wiring  closet 
infrastructure  through  future  upgrades.  How’s  that  for  a  switch? 


Contact  Extreme  Networks  at 
1.888.257.3000  or  visit  us  on  the  web  at 

www.extremenetworks.com/go/sum400.htm 
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10  gigabit  uplink  option 
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VoIP  start-ups  get  ready  for  Spring  VON 


■  BY  TIM  GREENE 

The  Spring  VON  2004  show  will 
be  the  springboard  for  at  least  a 
few  companies  touting  IP  equip¬ 
ment  and  long-haul  VoIP  services 
for  small  and  midsize  business 
networks. 

When  the  show  opens  in  Santa 
Clara  next  week,Anta  Systems  is 
scheduled  to  announce  a  range 
of  products  aimed  at  building 
corporate  or  carrier  VoIP  net¬ 
works.  Meanwhile  IceNet  is  set  to 
unveil  its  services  targeted  at 
ISPs  and  competitive  carriers 
that  want  to  sell  IP  voice  services 
to  enterprise  customers. 

These  will  be  among  nearly 
140  companies  attending  the 
show,  which  also  will  feature  ses¬ 
sions  on  VoIP  security;  managing 
voice  networks;  use  of  Session 
Initiation  Protocol  in  corporate 
networks;  and  running  voice- 
over-Wi-Fi  networks. 

A  newcomer  among  U.S.  VoIP 
vendors,  Anta  is  scheduled  to 


announce  details  on  its  products 

—  IP  phones,  an  IP  PBX  and  a 
softswitch. 

Like  the  company’s  other 
phones,  the  EP-838S  is  based  on 
IP.  Anta  also  makes  the  SX  1000, 
an  IP  PBX  with  call-center  soft¬ 
ware  for  small  and  midsize  busi¬ 
nesses.  The  PBX  supports  up  to 
eight  analog  phone  lines  or  a 
single-port  T-l  card  or  four-port  T- 
1  card  —  up  to  120  phone  lines 

—  depending  on  configuration. 

For  service  providers,  Anta 

makes  the  AG  1000  combination 
softswitch/media  gateway,  which 
can  connect  to  IP  networks  as 
well  as  the  traditional  public 
phone  network.  Multiple  AG 
1000s  are  controlled  by  an  oper¬ 
ational  control  server  that  inter¬ 
operates  with  conventional  carri¬ 
er  operations  and  support  sys¬ 
tems.  Each  AG  1000  supports  up 
to  1 ,000  users. 

The  company  is  new  to  the 
U.S.,  but  its  gear  is  in  trials  with 
customers  in  Asia,  says  CEO  and 


co-founder  Frank  Ip.  The  compa¬ 
ny  says  all  the  products  will  be 
available  next  week,  but  it  won’t 
reveal  pricing  until  VON. 

Founded  in  January  2003  and 
funded  by  its  founders,  Anta  will 
announce  $2.4  million  in  new 
funding  from  outside  the  com¬ 
pany  The  new  investors  include 
Daehong,  Eastar,  Global  Alliance 
and  Versatile  Ventures  as  well  as 
individuals. 

Also  at  VON,  provider  IceNet  is 
scheduled  to  announce  avail¬ 
ability  of  its  long-haul  network 
engineered  for  carrying  IP  voice 
with  guaranteed  quality  of  ser¬ 
vice.  The  company  says  it  can 
deliver  services  to  most  U.S.  cities 
via  its  own  network  with  eight 
points  of  presences  partnership 
with  Wiltel,  which  adds  130  more 
points  of  presence,  and  via  an 
alliance  with  KMC  Telecom. 

The  company  hosts  IP  Centrex 
services  and  can  supply  cus¬ 
tomer  site  equipment  to  ISPs  and 
competitive  local  exchange  car¬ 


riers  that  buy  IceNet  services. 
This  lets  providers  roll  out  busi¬ 
ness  services  to  customers  more 
quickly  IceNet  says. 

In  the  area  of  conferencing, 
Spectel  is  set  to  demonstrate 
that  its  new  IP  conferencing 
gear  interoperates  with  media 
servers  made  by  Convedia  and 
Snowshore.  Traditionally  a  ven¬ 
dor  of  dedicated  conferencing 
appliances  and  associated  soft¬ 
ware,  the  company  last  month 
announced  that  it  would  intro¬ 
duce  an  IP  platform.  The  new 
IP  platform,  called  Meeting- 
Xchange,  supports  the  compa¬ 
ny’s  existing  software  and  is 
designed  to  interoperate  with 
other  vendors’  equipment  to 
enable  audio,  Web  and  video- 
conferencing. 

For  customers  testing  the  VoIP 
waters,  Brix  Networks  is  sched¬ 
uled  to  announce  a  way  to  figure 
out  if  its  Internet  service  is  good 
enough  to  support  IP  voice.  Brix 
will  offer  free  test  software  that 


can  be  downloaded  to  PCs  to 
measure  network  performance. 
Potential  customers  can  run  the 
software  to  determine  whether 
their  Internet  link  is  good 
enough  to  support  IP  voice  ser¬ 
vices  such  as  Vonage’s  that  run 
over  customers’  existing  broad¬ 
band  Internet  connections.  The 
software  simulates  VoIP  traffic 
going  to  multiple  sites  Brix  has 
set  up  on  the  Internet,  and  issues 
a  report  of  its  findings. 

Brix  says  it  expects  this  will 
generate  demand  for  quality 
checks  of  IP  services  that  will 
encourage  service  providers  to 
use  Brix’s  network  performance¬ 
testing  equipment.The  company 
is  scheduled  to  announce  the 
URL  for  downloading  the  soft¬ 
ware  at  VON.  ■ 


■  Read  a  Q&A  with  Avaya 
CEO  Don  Peterson.  PAGE  19 


PeopleSoft  aims  CRM 
packs  at  vertical  markets 


■  BY  ANN  BEDNARZ 

PeopleSoft  is  continuing  its  emphasis  on 
industry-specific  enterprise  software  this 
week  with  new  CRM  bundles  aimed  at 
financial  services  companies,  universities, 
bill-collecting  government  agencies,  insur¬ 
ance  providers  and  utilities. 

Enterprise  CRM  for  Wealth  Management 
provides  tools  to  help  financial  advisors, 
investment  specialists  and  private  bankers 
track  client  goals  and  offer  more-personal¬ 
ized  service  recommendations.  Specific 
tools  built  into  the  software  include  a 
client  summary  feature,  which  aggregates 
contact  information,  key  product  holdings 
or  services,  and  any  pending  or  prospec¬ 
tive  opportunities  associated  with  a  cus¬ 
tomer.  A  client-at-risk  feature  identifies  cus¬ 
tomers  who  are  deemed  likely  to  withdraw 
funds  or  invest  with  a  competitor. 

The  software  can  highlight  “wallet 
share,”  or  what  percentage  of  a  client’s 
assets  a  firm  manages.  It  also  can  map 
relationships  between  people  —  for 
example, calling  attention  to  a  client  who 
on  the  surface  doesn’t  seem  to  have  a 
high  net  worth,  but  is  in  line  to  inherit  a 
lot  of  money  from  another  client,  says 
Steve  Roop,  vice  president  of  marketing 
for  PeopleSoft  CRM. 

The  wealth  management  tools  can  help 
financial  institutions  deliver  the  kind  of  per¬ 
sonal  attention  they  typically  pay  to  only 


their  wealthiest  investors,  Roop  says. 

Also  due  this  week  from  PeopleSoft  is 
Enterprise  CRM  for  Higher  Education,  soft¬ 
ware  designed  to  help  schools  better  man¬ 
age  relationships  with  prospects,  students, 
parents  and  alumni  —  from  recruitment 
and  enrollment  through  retention  and 
fundraising. 

Co-developed  with  systems  integrator 
Ciber,  the  bundle  includes  contact  center, 
field  service  and  help  desk  features,  and  it 
integrates  with  PeopleSoft’s  existing  Stu¬ 
dent  Administration  software. 

Lastly,  PeopleSoft’s  Enterprise  Revenue 
Management  is  a  revenue-  and  collection- 
management  bundle  designed  for  insur¬ 
ers,  banking  institutions,  utilities  and  select 
government  entities,  such  as  those  that  col¬ 
lect  taxes  or  license  fees. 

The  suite  links  billing  tools  with  cus¬ 
tomer  service  resources,  providing  one 
view  of  a  customer  or  constituent’s  credit, 
collections  and  payment  history 

PeopleSoft  worked  with  SPL  World- 
Group  to  developing  the  revenue  man¬ 
agement  suite,  which  grew  out  of  a  prod¬ 
uct  PeopleSoft  initially  offered  to  public 
utilities. 

The  revenue-management  suite  is  avail¬ 
able  now.  The  wealth  management  suite 
will  be  available  in  the  second  quarter, 
and  the  higher  education  bundle  will  be 
available  in  the  third  quarter.  PeopleSoft 
declined  to  disclose  pricing.® 


HP  singles  out  SMB 
market  with  new  services 


■  BY  TOM  KRAZIT 

In  an  effort  to  improve  its  standing 
among  a  group  of  customers  that  pro¬ 
vided  almost  30%  of  its  revenue  last  year, 
HP  this  week  plans  to  unveil  an  expanded 
program  of  products  and  services  for 
small  and  midsize  business  customers. 

Last  September,  the  company  an¬ 
nounced  a  $750  million  initiative  geared 
at  marketing  and  research  and  develop¬ 
ment  efforts  for  the  SMB  market. Customer 
feedback  since  then  has  led  to  the  cre¬ 
ation  of  new  service  packages  that  will  be 
delivered  through  HP’s  partners  or  di¬ 
rectly  via  HP  says  M.L.  Krakauer,  vice  pres¬ 
ident  and  general  manager  of  customer 
support  business. 

The  announcements,  being  aired  at  the 
HP  Partners  America  Conference  this 
week  in  Los  Angeles,  include: 

•  Proactive  Plus  for  SMB  is  a  support 
program  for  HP  servers  that  run  Microsoft 
operating  systems.  Customers  can  request 
help  for  five  incidents  over  a  one-year 
period  for  $1,1 75,  and  receive  help  for  an 
additional  incident  if  the  service  is 
ordered  by  July  31. 

•  Learning  Curve  includes  unlimited 
access  for  one  year  to  online  resources, 
such  as  instant  chat  with  a  technical  sup¬ 
port  representative,  for  $149.  Access  for  an 
additional  person  is  included  for  free  if 
the  service  is  ordered  by  July  31. 


•  IT  Professional  Help  Desk  for  SMB  lets 
customers  access  Level  2  and  3  help  desk 
support  through  HP’s  professional  ser¬ 
vices  organization. 

For  $1,550,  customers  can  seek  help  on 
up  to  five  incidents,  and  can  receive 
help  on  an  additional  incident  if  the  ser¬ 
vice  is  ordered  by  July  31.  Level  2  sup¬ 
port  generally  requires  a  more  advanced 
IT  staff  member.  Level  3  support  is 
reserved  for  the  most  critical  and  diffi¬ 
cult  problems. 

•  ProLiant  System  Minder  Solution  for 
SMB,  which  monitors  ProLiant  300  servers 
for  crashes,  maintains  the  system  remotely 
and  patches  the  operating  system  for 
$3,650  per  year  or  $308  per  month. 

Krazit  is  a  correspondent  with  IDG  News 
Service  s  Boston  bureau. 


Corrections 


■  The  editorial  “Adding  data  center  capa¬ 
city  block  by  block"  (March  15,  page  52) 
should  have  said  an  average  rack  of  equip¬ 
ment  puts  out  5,000  to  6,000  BTUs. 

■  In  this  week's  Gearhead  column  (page 
64),  the  fifth  line  of  the  fourth  column 
should  read:  p  {font-weight:  normal  limportant:} 


A  NETWORK  OUTAGE  THREATENS 
TO  SHUT  DOWN  GLOBAL  DISTRIBUTION 
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CAN  YOUR  SOFTWARE  KEEP  BUSINESS  FROM  DISAPPEARING? 


Business  Service  Management  solutions  from 
BMC  Software®  can.  In  fact,  they  let  you  predict 
critical  performance  problems  and  resolve  them 
before  they  ever  impact  your  business.  And  you 
can  prioritize  IT  management,  investments  and 
resource  allocations  to  optimize  your  business 
performance.  So  you  can  solidly  align  your  IT 
investments  with  strategic  business  goals. 


And  protect  the  delivery  of  vital  business  services 
like  sales,  customer  service,  online  transactions, 
logistics  and  distribution — whatever  is  most 
critical  to  your  company's  success.  It's  enterprise 
management  software  that  works  with  your  existing 
IT  resources  to  let  you  manage  what  matters  from 
a  business  perspective  and  execute  with  precision. 
Find  out  how  at  www.bmc.com/bsm35 
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New  speech  technologies  making  noise 


*  BY  ANN  BEDNARZ 

A  key  standard  for  building 
speech-based  telephony  applica¬ 
tions,  VoiceXML  2.0,  received  a 
final  nod  of  approval  from  the 
World  Wide  Web  Consortium  last 
week. 

The  standard’s  official  gradua¬ 
tion  comes  just  days  before 
Microsoft  is  expected  to  formally 
launch  its  Speech  Server  prod¬ 
ucts  —  which  adhere  to  a  com¬ 
peting  standards  effort  —  at  the 
SpeechTEK  conference  this  week 
in  San  Francisco. 

The  W3C  advanced  VoiceXML 
2.0,  along  with  the  supporting 
Speech  Recognition  Grammar 
Specification  (SRGS),  to  final 
“recommendation”  status,  effec¬ 
tively  making  them  Web  stan- 
dards.These  are  the  most  mature 
of  a  handful  of  specifications  in 
the  W3C’s  evolving  Speech  Inter¬ 
face  Framework. 

The  Speech  Interface  Frame¬ 
work  aims  to  define  a  set  of  stan¬ 
dards  for  building  applications 
that  let  people  interact  with 
Web-based  services  over  a  tele¬ 
phone.  The  applications  use  a 
variety  of  voice-based  interfaces 
that  range  from  keypads  and 
spoken  commands  to  music  and 
synthetic  speech.  Within  the 
framework,  VoiceXML  controls 
how  a  voice  application  inter¬ 
acts  with  a  user.  Developers  use 
SRGS  to  describe  the  words  and 
phrases  that  end  users  are 
expected  to  give  in  response  to 
spoken  prompts. 

Other  elements  of  the  frame¬ 
work  include  Speech  Synthesis 
Markup  Language  (SSML), 
which  is  used  for  creating  spo¬ 
ken  prompts;  Voice  Browser  Call 
Control  (CCXML),  which  pro¬ 
vides  telephony  call-control  sup¬ 
port  for  VoiceXML  and  other  dia¬ 
log  systems;  and  Semantic 
Interpretation  for  Speech  Recog¬ 
nition,  which  defines  links  be¬ 
tween  grammar  rules  and  appli¬ 
cation  semantics  so  that  an 
application  recognizes  that  two 
spoken  variations  of  the  same 
element,  such  as  “Coke”  and 
“Coca-Cola,”  should  be  treated 
as  the  same  response. 

VoiceXML,  already  is  broadly 
adopted.  It  has  become  a  stan¬ 
dard  scripting  language  for  mak¬ 
ing  Web  content  accessible  via 
voice  and  phone  —  letting  users 
make  selections  and  provide 
information  by  talking  instead  of 
touching  numbers  on  a  keypad. 
(See  related  story  on  VoiceXML 


How  they  compare 


Competition  between  two  standards  —  VoiceXML  and  SALT 
movement  to  speech-enable  Web  content. 


add  drama  to  a  growing 


VoiceXML 


SALT 


Maturity: 


Adoption: 


Likely  audience: 


Established.  Version  2.0  is  an  official  j  Early  stages. Version  1.0  SALT  specification 


W3C  standard. 


is  under  consideration  within  the  W3C. 


Significant.  Scores  of  vendors  have  i  Growing.  Speech  technology  vendors  will 
released  VoiceXML-compliant  products.  :  add  support  for  SALT  as  Microsoft’s  new 

j  Speech  Server  platform  gains  users. 

Java  2  Enterprise  Edition  developers,  j  Visual  Studio  Net  developers. 


2.0  at  www.nwfusion.com,  Doc- 
Finder:  1246.) 

“VoiceXML  allows  users  to  cre¬ 
ate  a  description  of  a  dialog 
between  computer  and  user  that 
can  output  text,  graphics,  synthe¬ 
sized  speech,  digitized  audio  — 
and  also  provide  a  means  to  rec¬ 
ognize  inputs  from  all  these 
sources,”  says  Ron  Schmelzer,  a 
senior  analyst  at  ZapThink.“What 
makes  VoiceXML  cool  is  that  you 
can  specify  an  interface  for  appli¬ 
cation  functionality  that  is  not 
Web-based,  but  specify  it  in  a  way 
that  allows  Web  developers  to 
control  how  these  voice-based 
application  interfaces  work.” 

Scores  of  vendors  have  de¬ 
ployed  VoiceXML  2.0-compliant 
applications,  products  and  ser¬ 
vices,  including  HR  IBM,  Lucent, 
Motorola  and  Nuance. 

Meanwhile,  Microsoft  is  making 
waves  with  its  Speech  Server 
2004  speech-recognition  plat¬ 
form.  Bill  Gates,  Microsoft’s  chair¬ 
man  and  chief  software  archi¬ 
tect,  is  scheduled  to  formally 
launch  the  Standard  and  Enter¬ 
prise  editions  at  the  SpeechTEK 
conference. 

With  Speech  Server,  Visual 
Studio  .Net  developers  can  write 
applications  that  recognize  spo¬ 
ken  commands,  convert  text  to 
speech  and  generate  spoken 
prompts  by  adding  code  based 
on  XML  and  Speech  Application 
Language  Tags  (SALT)  technolo¬ 
gies  to  existing  Web  applications. 

SALT  is  the  Microsoft-backed 
alternative  to  VoiceXML.  It’s  not 
nearly  as  far  along  in  the  stan¬ 
dards  process  —  currently  it  is 
under  consideration  by  the 
W3C.  But  it  has  industry  sup¬ 
port:  Members  of  the  SALT 
Forum  include  founding  com¬ 
panies  Cisco,  Comverse,  Intel, 
Microsoft  and  Philips,  along 
with  Compaq  and  Siemens 
Enterprise  Networks. 

Speech  Server  takes  calls  and 


communicates  with  a  Web  server 
via  XML  and  SALT,  and  makes 
applications  offered  online  avail¬ 
able  through  the  phone,  says 
James  Mastan,  director  of  mar¬ 
keting  for  Microsoft’s  Speech 
Server  group. 

Developers  can  use  Visual 
Studio  to  build  applications,  and 
Speech  Server  runs  just  like  any 
other  Microsoft  server  product, 
Mastan  says.  “It’s  not  some  black 
box  in  a  call  center  that  you  have 
to  program  for  in  some  weird 
language  and  you  can’t  maintain 
yourself  because  you  don’t  know 
how  it  works,” he  says. Ease  of  use 
is  at  the  center  of  the  VoiceXML 
vs.  SALT  voice  browser  specifica¬ 
tion  battle. 

Microsoft  argues  that  SALT  is 


easier  to  use  because  of  its  Visual 
Basic  tie-in,  whereas  VoiceXML 
requires  more  telephony-type 
skills,  says  Bill  Meisel,  president 
of  speech-technology  research 
company  TMA  Associates. 
There’s  some  validity  to  that  posi¬ 
tion,  he  says. 

“It’s  much  easier  for  an  IT  depart¬ 
ment  that  has  been  focused  on  a 
Microsoft  development  environ¬ 
ment  to  use  a  SALT  solution,” 
Meisel  says.  “On  the  other  hand, 
telephone  application  developers 
classically  have  used  tool  kits  that 


For  more  on  VoiceXML 
2.0,  see  PAGE  63. 


are  very  specialized  for  telephony. 
For  them,  VoiceXML  is  a  much 
more  natural  solution.” 

Steve  Chambers,  general  man¬ 
ager  of  ScanSoft’s  network 
speech  division,  expects  users  of 
the  two  standards  to  become 
divided  along  familiar  lines:  .Net 
converts  choosing  SALT, and  Java 
shops  going  with  VoiceXML. 
ScanSoft,  whose  products  in¬ 
clude  speech-recognition  and 
text-to-speech  converters,  will 
support  both  standards, 
Chambers  says. 

Dave  Raggett,  activity  lead  for 
the  W3C’s  voice  browser  and  mul¬ 
timodal  working  groups,  says  the 
two  specifications  could  some¬ 
day  merge.  The  voice  browser 
working  group  is  focusing  on  the 
next  major  version  of  VoiceXML, 
which  will  incorporate  ideas  from 
SALT,  among  other  sources, 
Raggett  says. 

Meanwhile,  Microsoft’s  entry 
will  stir  the  speech-recognition 
market,  but  the  vendor  likely 
won’t  become  a  competitive 
threat  until  it  releases  its  second- 
and  third-generation  products, 
says  Steve  Cramoysan,  a  princi¬ 
pal  analyst  at  Gartner. 

IDG  News  Service  correspon¬ 
dent  Joris  Evers  contributed  to 
this  story. 


Start-up  rolls  out  back-up  software 


■  BY  DENI  CONNOR 

SysDM  is  introducing  software 
designed  to  help  systems  admin¬ 
istrators  identify  network  back-up 
problems,  which  one  expert  esti¬ 
mates  occur  in  almost  half  of  all 
operations. 

The  start-up,  founded  in  2001  by 
storage  veterans  from  EMC,  Gold¬ 
man  Sachs,  Merrill  Lynch  and 
Micromuse,  recently  rolled  out 
WysDM  for  Backups,  software  that 
analyzes  information  it  collects 
from  network  interconnects,  stor¬ 
age, systems  and  applications, and 
diagnoses  problems. 

WysDM  for  Backups,  which  is 
installed  on  a  Linux,  Solaris  or 
Windows  server,  obtains  informa¬ 
tion  from  network  devices  and 
reports  the  potential  and  actual 
problems  that  occurred  during  a 
back-up  process. 

“We  have  found  that  up  to  40% 
of  backups  fail  because  of  a  mix¬ 
ture  of  issues,  including  configura¬ 
tion  issues,  full  disks  and  file  sys¬ 


tems,  and  path  and  network  prob¬ 
lems,”  says  Jamie  Gruener,  senior 
analyst  with  The  Yankee  Group. 

SysDM  CEO  Alan  Atkinson  says 
companies  are  complicating  the 
problem  by  centralizing  backup 
of  as  many  as  1 ,000  servers.  The 
problem  with  centralization,  he 
says,  is  that  if  something  happens 
to  one  server  it  can  affect  other 
servers  being  backed  up,  and  per¬ 
formance  could  suffer.  SysDM 
aims  to  solve  some  of  the  prob¬ 
lem  by  helping  system  adminsi- 
trators  pinpoint  network  bottle¬ 
necks  and  performance  issues. 

“SysDM  not  only  reports  on 
back-up  problems,  but  does 
proactive  analysis  on  perfor¬ 
mance  within  the  back-up  envi¬ 
ronment  —  including  at  the  file 
system,  host  and  disk  array  lev¬ 
els,"  Gruener  says. 

SysDM  says  WysDM  for  Backups 
can  tell  when  a  file  system  is  full, 
when  a  tape  drive  is  faulty,  when 
the  system  CPU  is  busy,  when  a 
back-up  process  failed  or  when  a 


back-up  server  is  busy. 

Douglas  Bovie,  manager  for 
infrastructure  management  for 
telecom  firm  Equant  in  Frankfurt, 
Germany  use$  WysDM  for  Back- 
ups.“lt  helps  us  identify  where  our 
throughput  is  and  where  our 
problems  are  so  I  can  divert 
money  to  the  correct  spot,"  he 
says. 

SysDM  is  not  the  first  to  intro¬ 
duce  reporting  software.  Bocada 
has  BackupReport,  which  reports 
on  the  failure  of  back-up  jobs. 

“What  sets  SysDM  apart  [from 
competitors]  is  the  analyzer  por¬ 
tion  of  the  product,  which  exam¬ 
ines  trending  and  gives  storage 
administrators  the  ability  to  avoid 
back-up  problems,”  Gruener  says. 
“Larger  vendors  such  as  Veritas 
and  Legato  are  just  starting  to  add 
the  back-up  reporting  compo¬ 
nent.” 

Pricing  for  WysDM  for  Backups 
WorkGroup  Edition  starts  at 
$9,000;  WysDM  for  Backups  Enter¬ 
prise  Edition  starts  at  $1 5,000.  ■ 
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With  HP  ProCurve  Networking  solutions,  you  can  get  the  gigabit  technology  you  need  without  having  to 

sacrifice  your  entire  budget  to  get  it.  The  HP  ProCurve  Switch  2800  series  is  engineered  to  deliver  high-performance  gigabit 
technology  at  a  compelling  cost.  Our  switches  include  HP  support,  software  updates  and  our  industry-leading  lifetime  warranty.  With  intelligence 
pushed  to  the  edge  of  the  network,  you  get  the  control  you  need.  All  of  which  translates  into  a  better  return  on  your  IT  investment. 


HP  PROCURVE  SWITCH  2848 

$4,899 

44  10/100/1000  ports 

4  dual  personality  ports  for  10/100/1000 
or  mini-GBIC  connectivity 

802.1  x,  SSH,  SSL  and  port  security 

Lifetime  warranty  with  next-business-day 
advance  replacement** 


invent 


To  learn  more  about  HP  ProCurve's  Jump  2  Gig  Trade-In,  go  to  www.hp.com/go/jump2gig 
or  call  1-800-975-7683  and  mention  code  5000. 


'List  price.  "For  as  long  as  you  own  the  product  (available  in  most  countries).  ©2004  Hewlett-Packard  Development  Company,  L.P. 
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II  The  competitive  nature  of  the  NFL,  it's  very 
similar  to  [the  wireless]  industty.H 

Steve  Largent 

CTIA  president  and  Pro  Football  Hall  of  Famer 


Largent 

continued  from  page  1 

The  competitive  nature  of  the 
NFL,  it’s  very  similar  to  [the 
wireless]  industry”  Largent  says. 

The  50-year-old  Largent  techni¬ 
cally  got  his  start  in  telecom 
while  playing  for  the  Seattle 
Seahawks  in  the  early  1980s.  A 
friend  at  wireless  pioneer  Cellu¬ 
lar  One  asked  Largent  to  pitch 
what  was,  at  that  time,  a  fledg¬ 
ling,  expensive  and  cumber¬ 
some  service. 

“1  was  certainly  one  of  the  first 
guys  on  our  team  to  have  a  bag 
phone,”  Largent  says. 

He  drilled  deeper  into  wireless 
as  a  four-term  Republican  mem¬ 
ber  of  Congress  from  Okla¬ 
homa,  serving  on  the  House 
telecom  subcommittee  from 
1995  to  2000. 

Wireless  industry  players  say 
they  are  impressed  with 
Largent’s  efforts  in  his  new  role. 

“He  obviously  knows  the  pub¬ 
lic-policy  arena  from  his  time  in 
Congress,  and  he  understands 
the  issues  that  are  important  to 
the  wireless  industry]’ says  Doug 
Brandon,  vice  president  of  fed¬ 


eral  affairs  for  AT&T  Wireless. 
“He  also  brings  a  fresh  perspec¬ 
tive  to  the  post.  He  is  a  consen¬ 
sus  builder  and  known  for  his 
integrity” 

Not  surprisingly,  Largent  says 
he  has  “one  of  everybody’s” 
wireless  gadget:  camera 
phones,  PDAs,  BlackBerries  and 
a  wireless  LAN  at  his  home  in 
Washington,  D.C.“My  problem  is 
I  don’t  have  enough  time  dur¬ 
ing  the  day  to  read  all  of  the 
manuals.” 

Largent  keeps  his  cell  phone 
on  all  the  time,  of  course.  He 
even  admits  that  he  talks  on  the 
thing  while  driving  (sometimes 
using  a  hands-free  device),  even 
as  the  CTIA  tries  to  educate 
consumers  on  proper  mobile- 
device  etiquette  and  safety 

“The  worst  story  to  come  out 
of  CTIA  would  be  for  me  to  be 
in  a  wreck  while  I  was  using  my 


cell  phone,”  he  says.“So  I  am 
very  cognizant  of  that.” 

Largent’s  priorities  at  the  CTIA 
include  extending  the  wireless 
market’s  reach  to  more  low- 
income  and  disabled  people. 
One  key  to  enabling  the  indus¬ 
try  to  expand  is  making  sure  it 
stays  largely  unshackled  from  a 
regulatory  standpoint,  he  says. 

“Every  time  somebody  wants 
to  roll  out  a  new  regulation  in 
this  industry,  it  just  adds  to  the 
cost  of  that  phone  service,” 
Largent  says. 

The  CTIA  chief  says  he’s  wary  of 
too  much  industry  consolidation. 

“Consolidation  is  good,  but 
not  any  consolidation,”  Largent 
says.’T  have  some  reservations 
about  having  a  significant  mar¬ 
ket  share  tied  up  in  two  compa¬ 
nies  [Verizon  and  AT&T 
Wireless/Cingular] .  If  our  indus¬ 
try  ever  starts  moving  toward  a 


sort  of  monopolistic  structure 
that  is  not  a  good  thing.” 

He  says  another  challenge  for 
the  industry  is  freeing  up 
enough  spectrum  to  get  North 
American  carriers  to  3G.The 
U.S.  lags  behind  other  countries 
on  this  front. 

“I  don’t  want  to  be  No.  2  or  3, 1 
want  to  be  No.  1,’“  he  says.“Our 
responsibility  is  to  make  sure 
we  have  the  spectrum  neces¬ 
sary  and  the  public  policy  in 
place  that  smooths  the  road 
and  expands  the  wireless 
frontier.” 

Carriers  have  to  find  ways  to 
make  money  with  new  technol¬ 
ogy  too,  such  as  public  Wi-Fi  hot 
spots,  Largent  says. 

“The  potential  exists  for  Wi-Fi 
to  be  an  incredible  comple- 

Get  more  information  online. 
DocFinder:  1252 
www.nwfusion.com 


ment  to  [cellular]  wireless,”  he 
says.“That  movement  toward 
anywhere/anytime  ubiquity  is 
what  we’re  seeking  in  the  wire¬ 
less  world.” 

All  of  which  brings  things 
back  to  Joe  Horn,  who  has  con¬ 
verted  his  cell  phone  celebra¬ 
tion  into  an  appearance  at  the 
CTIA  event  this  week. While 
Largent  says  he  never  would 
have  resorted  to  such  theatrics 
on  the  football  field,  he 
acknowledges  that  the  stunt 
served  as  a  great  promotion  for 
wireless  service. 

“It’s  fantastic,”  he  says.Talk 
about  ubiquitous  service. 

We’re  everywhere,  even  in  the 
Superdome.”  ■ 


Got  great  ideas 


■  Got  an  idea  for  A  Wider  Net 
story?  An  offbeat  network 
industry-related  topic?  A  fas¬ 
cinating  personality  we  should 
profile?  Let  me  know  at 
bbrown@nww.com. 


CTIA 

continued  from  page  1 


to  disclose  attendance  expecta¬ 
tions  for  this  year’s  show  or  fig¬ 
ures  for  last  year’s,  they  said  that 
registration  is  up  20%.  Exhibition 
real  estate  is  expected  to  hold 
steady  at  300,000  square  feet,  as 
is  the  number  of  exhibitors:  750. 

Some  have  significant  news 
on  tap. 

Verizon  Wireless,  the  carrier 
with  the  largest  wireless  share  in 
the  U.S.,  is  evolving  its  network 
to  3G  technologies,  a  process 
the  entire  industry  is  watching. 
3G  promises  to  make  mobile 
phones  into  multimedia  portals 
by  injecting  data-friendly  tech¬ 
nology  and  higher  speeds  into 
the  handsets  and  networks  on 
which  they  rely. 

Verizon  Wireless  is  migrating 
from  a  144K  bit/sec  2.5G  lxRTT 
network  to  a  2.4M  bit/sec  Code 
Division  Multiple  Access  2000 
lxEV-DO  infrastructure.  The  op¬ 
erator  has  a  press  conference 
scheduled  at  CTIA  to  discuss 
progress  in  this  evolution. 

The  company  would  not  pro¬ 
vide  further  detail,  but  specula¬ 
tion  is  that  Verizon  Wireless  will 
announce  a  service  rollout  time¬ 
line.  vendors  selected  for  the 
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rollout  or  both. 

Verizon  Wireless  has  lxEV-DO 
trials  underway  in  San  Diego 
and  Washington,  D.C.Vendors  for 
these  trials  are  Nortel  and 
Lucent,  respectively. 

Lucent  declined  to  comment 
on  Verizon  Wireless’  announce¬ 
ment.  Nortel  also  declined  to 
comment,  as  did  Airvana,  a  Nor¬ 
tel  supplier  of  lxEV-DO  IP  radio 
nodes  and  controllers. 

However,  analysts  say  they 
expect  the  trial  vendors  also  to 
be  Verizon  Wireless’  CDMA2000 
lxEV-DO  deployment  vendors. 

“I  wouldn’t  expect  a  massively 
changed  lineup  from  that,”  says 
Mark  Lowenstein,  managing 
director  of  wireless  consultancy 
Mobile  Ecosystem. “Folks  will  be 
looking  for  a  little  bit  more 
detail  [though]  as  they  begin  to 
market  the  service.” 

Lowenstein  also  says  that  the 
roles  of  802.1  l.WiMax  and  VoIP 
will  be  part  of  the  technology 
discussion  at  CTIA  Wireless  — 
“either  to  be  dismissed,  comple¬ 
mentary  or  ‘disruptive,”’  he  stat¬ 
ed  in  a  recent  newsletter.  Other 
issues  on  tap  are  wireless  WAN/ 
wireless  LAN  integration,  with 
some  of  the  first  integrated 
WAN/801.11  devices  being  de¬ 
monstrated;  and  multimedia, 
including  major  announce¬ 
ments  between  wireless  carriers 
and  media/entertainment  com¬ 


panies  related  to  content  and 
applications,  Lowenstein  says. 

Others  say  device  vendors  will 
follow  suit. 

“I  think  you’ll  see  some  an¬ 
nouncements  around  [multime¬ 
dia]  handsets,”  says  Roger  Ent- 
ner,  a  wireless  analyst  at  The 
Yankee  Group/T  think  more  than 
one  person  might  announce 
[data-only-capable]  handsets.” 

Nokia,  for  example,  is  set  to 
introduce  a  new  handset  equip¬ 
ped  with  Wi-Fi  technology.  The 
device,  the  Nokia  Communi¬ 
cator  9500,  will  let  users  access 
the  Internet  and  make  phone 
calls  via  Wi-Fi  hot  spots,  accord¬ 
ing  to  investment  research  firm 
Rutberg  &  Co. 

Qualcomm  also  is  slated  to 
make  a  multimedia  announce¬ 
ment. 

Sprint  PCS  is  set  to  launch  a 
location-based  service  in  con¬ 
junction  with  Microsoft. 

Microsoft  is  expected  to  intro¬ 
duce  its  MapPoint  Location  Ser¬ 
ver,  which  it  will  bundle  with 
Sprint  PCS  services.  The  compa¬ 
nies  are  teaming  to  offer  a  Web 
services  application  that  lets  IT 
managers,  in  real-time,  manage  a 
fleet  of  trucks,  distribute  field 
services  teams  or  track  assets. 

Sprint  says  the  combined 
service  will  be  available  this 
summer. 

AT&T  Wireless  is  planning  to 


reiterate  its  plans  to  support 
Universal  Mobile  Telecommuni¬ 
cations  System  by  year-end.  The 
carrier  is  slated  to  announce 
relationships  with  Motorola, 
NEC  and  Nokia,  which  will  pro¬ 
vide  3G  handsets  for  its  service. 

Early  last  year,  AT&T  Wireless 
reined  in  its  plans  for  3G  support 
taking  its  13-market  rollout 
down  to  just  four  cities:  Dallas, 
San  Francisco,  San  Diego  and 
Seattle. 

The  carrier  also  is  expected  to 
talk  about  efforts  it  has  made 
over  the  last  six  months  to 
improve  network  performance 
and  coverage.  According  to  a 
company  spokesman,  AT&T  has 
upgraded  40  of  its  GSM  service 
markets  with  new  850-MHz 
equipment  displacing  19-MHz 
gear.  The  850-MHz  gear  propa¬ 
gates  a  stronger  signal,  which 
should  equal  fewer  dropped 
calls. 

Late  last  week,  AT&T  Wireless 
started  offering  a  30-day  service 
guarantee  —  if  customers  are 
not  happy  with  the  service  they 
can  return  their  phone  and 
leave  the  carrier  with  no  addi¬ 
tional  penalties.  But  users  still 
will  have  to  pay  for  usage. 

AT&T  Wireless  is  moving  for¬ 
ward  with  these  developments 
despite  its  impending  $41  bil¬ 
lion  merger  with  Cingular  Wire¬ 
less  (see  www.nwfusion.com, 


DocFinder:  1249),  which  will  be 
another  hot  topic  at  the  show. 
The  merger  is  expected  to  kick 
off  a  spate  of  marriages  in  an 
industry  transforming  itself 
through  consolidation. 

“One  of  the  things  that  has  cre¬ 
ated  a  lot  of  conversation  is, 
where  is  consolidation  going  to 
lead  us?”  says  CTIA  President 
Steve  Largent.“One  of  the  things 
I  like  about  this  industry  is  its 
unpredictable  nature.  I  wish  I 
had  a  crystal  to  tell  you  a  snap¬ 
shot  of  where  we’re  going  to  be 
five  years  from  now.  But  that’s 
kind  of  exciting.”  ■ 


More  online! 

Today  there's  just  one  universal  truth  about 
Wireless  LANs:  The  design,  management 
and  buying  decisions  you  make  now  will 
determine  the  effectiveness  of  your  enter¬ 
prise  network  for  years  to  come.  Attend 
Wireless  LANs:  Gaining  Strength,  Reaching 
Farther,  a  new  Network  World  Technology 
Tour  event.  It  brings  together  the  intelli¬ 
gence,  innovations  and  solutions  you  need 
to  move  forward.  DocFinder  9932 


You  like  your  job.  And  the  boss  likes  you  - 
as  long  as  the  SAN  is  up  and  running. 


Keep  it  that  way  with  NetWisdom  and  Xgig  Analyzer,  the  SAN  monitoring  and  analysis 
tools  that  identify  catastrophic  events  before  they  shut  your  network  down.  SAN  failure 
occurs  after  an  accumulation  of  invisible  errors.  Finisar’s  NetWisdom  and  Xgig  Analyzer 
proactively  identify  and  troubleshoot  network  errors,  reducing  business  losses,  tech¬ 
nology  costs,  and  customer  service  voids. 

Research  shows  that  SAN  downtime  can  cost  organizations  $100,000  per  minute, 
or  more.*  NetWisdom  and  Xgig  help  you  avoid  these  costs  by  conducting  accurate 
performance  tuning  and  capacity  planning. 

When  data  stops  moving,  so  do  the  dollars.  Be  part  of  the  solution:  monitor  your 
SAN  with  Finisar  network  tools  and  stop  degradation,  CRC  errors  and  events  that  can 
impact  your  most  critical  business  data  and  transactions. 

View  our  web  seminar,  including  a  customer  case  study  and  demo  of  NetWisdom  by 
visiting  www.finisar.com/nw 


Finisar 


Finisar  has  been  speeding  up  networks  and 
delivering  best-of-breed  products  and  testing 
solutions  since  1988.  NASDAQ:  FNSR. 


www.finisar.com/nw 
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industry  slow  to  fill  campaign  coffers 


Network  industry  campaign  contributions  decline 

Campaign  finance  reform,  weak  economy  cited  for  drop. 

Total  contributions  (in  millions) 
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B  BY  CAROLYN  DUFFY  MARSAN 

The  network  industry  is  donat¬ 
ing  significantly  less  money  to 
2004  presidential  and  congres¬ 
sional  campaigns  compared 
with  other  industries  than  it  did 
in  the  2002  and  2000  elections, 
preliminary  federal  election 
data  shows. 

The  elimination  of  so-called 
soft  money  contributions,  which 
were  favored  by  high-tech  com¬ 
panies,  caused  the  drop  in  con¬ 
tributions  from  service  provid¬ 
ers,  telecom  equipment  ven¬ 
dors,  and  hardware  and  software 
manufacturers. 

Soft  money  refers  to  contribu¬ 
tions  made  to  national  parties  or 
campaign  committees  for  voter 
registration  and  other  activities 
that  stop  short  of  direct  advocacy 
of  a  candidate  for  federal  office. 
Until  recently  companies  could 
contribute  as  much  soft  money  as 
they  wanted.  Last  years  campaign 
finance  reform  law  banned  most 
soft  money  contributions. 

Only  individuals  —  but  not 
companies  —  can  give  hard 
money  which  is  used  to  directly 
advocate  for  an  election  or  defeat 
of  a  candidate.  Corporations  that 
want  to  influence  the  outcome  of 
federal  elections  now  must  make 
contributions  through  donations 
from  individual  employees  or 
political  action  committees. 

The  network  industry  “relied 
heavily  on  soft  money  says  Larry 
Noble,  executive  director  of  The 
Center  for  Responsive  Politics, 
which  tracks  campaign  contribu¬ 
tions  on  its  OpenSecrets.org  Web 
site.'They  gave  twice  as  much  soft 
money  as  hard  money  in  2002 
and  in  2000.  They’ve  been  less 
reliant  on  executives  giving  hard 
money  than  they  have  on  com¬ 
panies  giving  soft  money 

Noble  says  the  other  reasons  for 
the  network  industry’s  decline  in 
campaign  contributions  are  the 
weakened  financial  condition  of 
most  companies  in  the  sector 
and  a  lack  of  network  industry 
issues  being  debated  on  the  cam¬ 
paign  trail. 

“But  there  are  issues  that  will 
affect  high-tech  businesses  such 
as  taxes,  trade  and  the  exporting 
of  jobs,”  Noble  says.  “One  of  the 
things  that  the  high-tech  industry 
learned  a  number  of  years  ago  is 
that  what  goes  on  in  Washington 
does  affect  them.” 

OpenSecrets.org  lists  the  top 
100  donors  to  the  2004  election, 
and  only  four  of  them  —  Bell¬ 
South,  Microsoft,  SBC  and  Verizon 


—  are  network  companies.Taken 
together,  these  four  companies 
and  their  employees  have  given 
$3,229,455. 

The  Web  site  also  tracks  three 
industry  segments  —  comput¬ 
ers/Internet,  telecom  services  and 
telephone  utilities  —  that  com¬ 
prise  the  network  industry. 
(Federal  election  data  is  released 
quarterly;  the  Web  site’s  figures 
are  accurate  as  of  Dec.  31,  2003, 
and  were  published  in  February) 

The  computers/Internet  seg¬ 
ment,  which  includes  Cisco  and 
Microsoft,  has  given  $8.2  million 
to  federal  campaigns  so  far.  That 
level  of  total  campaign-giving 
ranks  13th  among  all  industry 
segments,  down  from  eighth 
in  2000. 

The  telecom  services/equip¬ 
ment  segment,  which  includes 
Motorola  and  cellular  carriers 
such  as  Cingular  Wireless,  ranks 
44th  among  all  industries,  down 
from  25th  in  2000.  This  segment 
has  given  $2.7  million  so  far. 

The  telephone  utilities  segment, 
which  includes  BellSouth,  SBC 
and  Verizon,  has  given  $3.7  mil¬ 
lion  for  a  ranking  of  37th  among 
all  industries.  In  2000  and  2002, 
this  industry  segment  was  22nd. 

In  2000  —  the  last  year  both 
presidential  and  congressional 
elections  were  held  —  more  than 
half  of  the  contributions  from  all 
three  segments  were  in  the  form 
of  soft  money  The  computer/ 
Internet  segment  contributed 
$20.4  million  in  soft  money  out  of 
a  total  contribution  of  $39.6  mil¬ 
lion.  Similarly  $11.3  million  of  a 
total  contribution  of  $18.2  mil¬ 
lion  from  the  telecom  ser¬ 
vices/equipment  sector  was  in 


soft  money  contributions,  and 
$8.8  million  of  a  total  contribu¬ 
tion  of  $16.7  million  from  the 
telephone  utilities  segment  was 
in  soft  money  contributions. 

“We’ve  had  a  reduction  in 
workforce  in  telecom.  People 
have  not  received  raises,  and 
they  haven’t  gotten  bonuses. 
Those  are  some  of  the  reasons 
for  the  campaign  coffers  not  get¬ 
ting  as  full  this  year/  says  Grant 
Seiffert,  vice  president  of  exter¬ 
nal  affairs  and  global  policy  for 
the  Telecom  Industry  Assoc¬ 
iation,  a  trade  group  that  repre¬ 
sents  telecom  equipment  and 
services  companies. 

Seiffert  says  telecom  executives 
are  interested  in  issues  such  as 
encouraging  broadband  deploy¬ 
ment,  keeping  VoIP  deregulated 
and  increasing  federal  research 
and  development  support,  but  so 
far  these  issues  have  not  received 
much  attention  from  presidential 
or  congressional  candidates. 

Presumptive  Democratic  nomi¬ 
nee  Sen.  John  Kerry  (D-Mass.), 
“has  said  some  things  about 
R&D,  and  Bush  has  said  some 
things  about  the  economy  But 
they  haven’t  highlighted  tele¬ 
com  in  their  speeches,”  Seiffert 
says.“l  imagine  this  fall  you’ll  see 
the  parties  roll  out  their  plat¬ 
forms,  and  they  each  will  have 
something  about  high-tech  and 
telecom.” 

In  other  trends,  it  appears  the 
network  industry  is  favoring  Re¬ 
publican  candidates  over  Demo¬ 
crats  for  the  2004  election.  The 
computers/Internet  segment  has 
given  55%  of  its  contributions  to 
Republican  causes  so  far,  ac¬ 
cording  to  OpenSecrets.org.  Tele¬ 


com  services/equipment  ven¬ 
dors  have  given  59%  to  Repub¬ 
licans,  and  telephone  utilities 
have  given  63%  to  Republicans.  In 
contrast,  the  computers/Internet 
and  telecom  services/equipment 
sectors  favored  Democrats  in  the 
2000  election. 

These  early  trends  in  cam¬ 
paign  contributions  could  shift 
in  the  nine  months  leading  to 
Election  Day.  Some  companies 
and  individuals  skip  the  pri¬ 
maries  and  wait  to  contribute 
when  the  Democratic  and  Re¬ 
publican  candidates  have  been 
selected.  Now  that  Kerry  has 
emerged  as  the  presumptive 
Democratic  candidate,  he  is 
likely  to  gather  more  donations 
from  network  executives. 

“The  real  question  is  what  hap¬ 
pens  between  now  and  July” 
Noble  says.“There  are  people  and 
industries  that  are  sitting  on  the 
fence  and  waiting  to  see  what 
happens.”  ■ 


\  I  / 


■  THIS  WEEK’S  QUESTION: 

Which  carrier  was 
formerly  known  as 
Nextlink? 

Stumped?  Get  the  answer  online. 

Visit  Network  World  Fusion  and  enter 
2349  in  the  Search  box. 

www.nwfusion.com 
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■  IBM  last  week  expanded  its  Op- 
teron-based  workstation  portfolio  with 
a  new  workstation  aimed  at  com¬ 
panies  running  data-intensive  ap¬ 
plications  in  areas  such  as  oil  and  gas 
exploration,  electronic  design  automa¬ 
tion,  computer-aided  engineering,  digi¬ 
tal  content  creation  and  financial 
analysis.  The  IntelliStation  A  Pro 
provides  32-  and  64-bit  capabilities  at  a 
price  below  IBM's  64-bit  Power-based 
workstations,  which  start  at  about 
$8,000,  for  example.  The  IntelliStation 
A  Pro,  which  is  expected  to  be  avail¬ 
able  in  May,  will  start  at  about  $2,600. 

■  StorageTek  last  week  announced 
that  its  SLA8500  and  PowderHorn 
tape  libraries  now  come  equipped  with 
Fibre  Connection  drives.  The  compa¬ 
ny's  T9840C  tape  drive  has  a  native 
FICON  interface  for  attaching  to  IBM 
zSeries  mainframe  environments. 
Previously,  the  drives  had  an  Enter¬ 
prise  Systems  Connection  interface. 
FICON  is  up  to  eight  times  faster  than 
the  older  E-SCON.  FICON  has  a  link 
rate  of  100M  bit/sec  compared  with 
ESCON's  3M  bit/sec.  It  can  span  dis¬ 
tances  of  12  miles  compared  with  1.8 
miles  for  ESCON.  The  company  also 
will  include  FICON  drives  in  its  higher- 
capacity  T9940B  drives  later  this  year. 
TheT9840C  is  $38,000,  and  the 
ESCON -based  9840  costs  $36,000. 

■  Redline  Networks  last  week 
released  new  software  for  its  Web 
acceleration  hardware  products, 
adding  improved  load-balancing  capa¬ 
bilities,  management  tools  and  node 
clustering  to  its  Web  data  center 
appliances.  Release  3.3  of  the  soft¬ 
ware  runs  on  Redline 's  E  |  X  series 
appliances  for  boosting  enterprise 
application  traffic,  and  its  E  |T  line  of 
Web  site  traffic  accelerators.  The  E  |  X 
andT|X  appliances  sit  in  front  of  Web 
and  application  servers,  and  offload 
transactions  such  as  Secure  Sockets 
Layer  encryption  and  compression 
while  providing  load  balancing  and 
application  switching.  Redline  3.3  is 
available  for  E  |X  and  T  |X  customers 
with  software  support  contracts. 
Redline  appliances  start  at  $30,000. 
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■  IAN/WAN  SWITCHES  AND  ROUTERS 

■  ACCESS  DEVICES  ■  SERVERS  ■  VPNS 

■  OPERATING  SYSTEMS  ■  NETWORKED  STORAGE 

■  VOIP  ■  WIRELESS  NETWORKS 


A  Avaya  GEO  talks  VoIP  issues 


Spun  out  of  Lucent's  Enterprise 
Networks  Group  in  2000,  Avaya 
took  with  it  one-third  of  the  U.S.  PBX 
market.  But  a  drop  in  IT  spending 
and  Cisco  s  emergence  as  an  early 
leader  in  IP  telephony  gave  Avaya 
some  problems  out  of  the  gate,  as 
the  company  has  posted  losses 
every  year  since  its  inception.  But 
the  former  Lucent  PBX  arm  is  evolv¬ 
ing,  focusing  more  on  open  systems  and  software 
instead  of  big-iron  TDM  phone  switches.  It  also  turned 
a  profit  of  $10  million  in  its  most  recent  quarter  —  a 
$111  million  swing  from  the  same  quarter  a  year  ago 
—  while  becoming  the  leader  in  converged  PBX  line 
shipments  in  the  fourth  quarter  of 2003,  according  to 
analyst  firm  Infotech.At  the  recent  VoiceCon  show, 
Avaya  CEO  Don  Peterson  talked  to  Network  World 
Senior  Editor  Phil  Hochmuth  about  enterprise  IP  tele¬ 
phony  adoption  and  why  he  is  optimistic  about  the 
market. 


Vendors  in  the  IP  telephony  market  Avaya  included,  are  touting 
productivity  gains  as  the  reason  companies  should  migrate  to  IP 
PBXs  and  converged  applications.  Is  that  a  hard  sell  to  make? 

It  depends  on  if  it’s  really  measurable  productivity  If  you 
go  in  with  a  pitch  that  you’re  going  to  save  a  company  5% 
on  management  costs  with  IP  telephony  then  you  have  to 
answer  their  next  question: ‘How  am  I  going  to  get  rid  of 
5%  of  my  management  people?’  If  the  company  already 
has  a  small  IT  or  telecom  staff,  that’s  hard. 

On  the  other  hand,  Jet  Blue  Airline  [an  Avaya  customer 
that  recently  installed  VoIP  call-center  technology]  didn’t 
save  money  in  terms  of  head  count  by  installing  VoIP  But  it 
saved  on  hours  paid  by  letting  people  work  from  home. 

How  do  customers  target  areas  where  converged  applications 
might  add  productivity? 

It  really  is  a  function  of  how  a  business  organizes  itself 
and  how  it  serves  customers.You  need  to  be  very  specif¬ 
ic  for  areas  that  can  look  for  savings  because  it’s  not 
everywhere. 

You  start  with  discussing  a  company’s  business  model 
and  their  burdens.  A  customer  of  ours  in  the  investment 
industry  said  that  its  analysts  weren’t  using  voice  mail. The 

See  Peterson,  page  22 


Veritas  boosts  disaster-recovery  tools 


■  BY  DENI  CONNOR 

Veritas  Software  last  week  announced 
enhancements  to  its  Veritas  Cluster  Server 
andVolume  Replicator  software,  which  let 
administrators  plan  and  test  their  disaster- 
recovery  schemes  without  disrupting 
operations. 

Veritas  says  that  almost  75%  of  compa¬ 
nies  don’t  test  their  disaster-recovery  plans, 
either  because  they  don’t  have  the  time  or 
hardware  to  do  it  or  because  they  have 
concerns  about  the  effect  testing  will  have 
on  their  production  environments. 

“A  lot  of  companies  don’t  test  their  disas¬ 
ter-recovery  plans  because  they  are  con¬ 
cerned  that  they  will  jeopardize  their  data,” 
says  Jamie  Gruener.a  senior  analyst  forThe 
Yankee  Group. 

The  software  enhancements  include: 

•  A  Disaster  Recovery  Fire  Drill,  which 
lets  users  test,  plan  and  validate  their  disas¬ 
ter-recovery  plans  without  disruption  to 
applications  or  network  uptime.  With  the 
Fire  Drill,  users  can  create  a  copy  of  their 
production  environment  and  test  failover 
scenarios  and  events. 


•  A  cluster  simulator, 
which  tests  application 
failover  scenarios  to  vali¬ 
date  availability  and  ver¬ 
ify  that  applications  are 
migrated  to  the  appropri¬ 
ate  server. 

•  A  Volume  Replicator 
Advisor,  which  analyzes 
bandwidth  needs,  ensur¬ 
ing  optimized  replication 
of  data. 

•  A  global  cluster  op¬ 
tion,  which  upgrades 
availability  from  local  to 
wide-area  disaster 
recovery 

•  Immediate  access  to  replicated  data, 
which  lets  data  be  accessed  instantly  as  it 
is  being  replicated. 

Aaron  Huslage,  a  senior  system  admin¬ 
istrator  for  supply-chain  management 
company  CNF  Service  in  Portland,  Ore., 
says  there  is  an  immediate  benefit  to  the 
software. 

“We  do  a  full-blown  test  of  our  hot  site 
and  cold  site  twice  a  year?  Huslage  says. 


“Because  we  use  an  out¬ 
side  provider  for  our  dis¬ 
aster-recovery  needs,  we 
are  at  their  mercy  for  dis¬ 
aster-recovery  testing 
times.  By  the  time  of  our 
next  test,  there  will  be  a 
whole  lot  of  changes,  so 
having  the  cluster  simu¬ 
lator  will  really  help  us  in 
those  off  times  between 
the  tests.” 

Huslage  says  that  being 
able  to  access  data  while 
it  is  being  replicated  is 
also  very  useful. 

“When  you  are  replicat¬ 
ing  data  and  you  want  to  look  at  that  data 
on  the  other  side, you  have  to  actually  stop 
the  replication,  which  leaves  you  vulnera¬ 
ble,”  Huslage  says.  “With  the  Volume 
Replicator  4.0  software,  you  can  take  a 
snapshot  and  look  at  and  use  the  data 
while  it  is  being  replicated.” 

Pricing  for  Veritas  Cluster  Server  4.0  starts 
at  $3,000.  Pricing  for  Veritas  Volume  Repli¬ 
cator  4.0  starts  at  $4,500.  ■ 


Coming  in  second 

Veritas  took  the  No.  2 
slot  for  storage 
software  in  the  fourth 
quarter  of  2003  with  a 

21.9% 

revenue  share.  It  edged 
out  Computer 
Associates,  HP  and  IBM. 
EMC  is  No.  1. 

SOURCE  IOC 


Great  Moments  at  Work. 

3:24  pm  No  one  interrupts  you  with  a 
request  to  locate  that  critical  document  they 
absolutely  must  have  right  this  very  second. 
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Introducing  the  new  Microsoft  Office  System. 

Now  users  can  do  more  for  themselves  so  you  can  focus 
on  the  important  things.  More  than  just  the  core  suite 
you're  familiar  with,  the  new  Microsoft®  Office  System  is 
an  integrated  system  of  easy-to-use,  expanded  programs, 
servers,  services,  and  solutions  that  help  end  users  be 
more  self-sufficient.  With  Microsoft  Windows®  SharePoint™ 
Services,  Microsoft  Office  SharePoint  Portal  Server  2003, 
and  Microsoft  Office  Live  Communications  Server  2003, 
users  can  easily  search  across  their  company  to  find  existing 
information,  all  while  directly  and  securely  connecting 
to  those  in  the  know.  So  you  can  have  less  involvement 
with  your  end  users'  issues,  and  more  involvement  with 
your  own.  To  find  out  how  the  Microsoft  Office  System 
can  work  for  you,  go  to  microsoft.com/officelT 


Microsoft 
Office  System 

More  than  what  it  used  to  be,  it's  now  a 
comprehensive,  customizable  system. 

Programs 

Servers 

Services 

Access  2003 

PowerPoint®  2003 

Project  Server  2003 

Live  Meeting 

Excel  2003 

Project  2003 

Live  Communications 

Office  Online 

Frontpage®  2003 

Publisher  2003 

Server  2003 

Solutions 

InfoPath™  2003 

Visio®  2003 

Exchange 

Server  2003 

SharePoint™  Portal 
Server  2003 

OneNote™  2003 
Outlook®  2003 

Word  2003 

Solution  Accelerators 

Enabling  Technologies: 

Windows  Server™  2003,  Windows'®  SharePoint  Services, 
Rights  Management  Services 
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In  my  last  column  (www.nwfusion.com, 
DocFinder:  1228),  I  noted  that  David 
Aucsmith  of  Microsoft’s  Security  busi¬ 
ness  unit  suggested  at  a  conference  on 
online  crime  that  security  patches  should 
be  installed  as  soon  as  they’re  available. 

Then,  last  week,  Network  World  Lab 
Alliance  member  Rodney  Thayer  issued  a 
Tester’s  Challenge  (DocFinder:  1229)  to 
Microsoft  and  other  operating  system  ven¬ 
dors  to  do  something  to  make  the  patching 
process  simpler  for  overworked  network 
managers.  Simply  making  patch  availabil¬ 
ity  information  more  readily  accessible 
would  be  a  good  start,  according  to  Thayer. 


Third  parties  can  simplify  patch  process 


If  you’re  frustrated  with  the  patching 
process  too,  perhaps  it’s  time  for  me  to 
remind  you  that  there  are  service  offerings 
from  third  parties.They  will  not  only  inform 
you  of  the  latest  patches  but  also  can  auto¬ 
mate  the  process  of  receiving  them  and 
installing  them  —  Shavlik  Technologies’ 
HFNetChkPro,  Ecora’s  Patch  Manager,  St. 
Bernard  Software’s  UpdateExpert,  Ripple- 
Tech’s  PatchWorks  and,  possibly  the  grand- 
daddy  of  them  all,  PatchLink. 

Since  1996,  PatchLink  (originally  called 
Gravitix)  has  been  in  the  forefront  of  that 
network  niche  called  patch  management 
by  providing  network  managers  an  easy 
way  of  getting  information  about  new 
patches  and  automating  the  process  of 
acquiring  and  installing  them  for  all 
Microsoft,  Unix/Linux,  Novell  NetWare  and 
MacOS  X  operating  systems.  In  addition, 
PatchLink  maintains  a  patch  profile  of 
every  computer  (and  operating  system) 


that  it’s  watching  and  with  the  ability  to  roll¬ 
back  previously  installed  patches  so  that,  at 
any  time,  you  could  completely  reconfig¬ 
ure  one  PC  or  your  entire  network  of  com¬ 
puters  quickly  and  automatically  —  with¬ 
out  ever  visiting  a  server  or  desktop. 

You’d  think  the  operating  system  ven¬ 
dors  would  check  on  the  third-party  prod¬ 
ucts  I  mentioned  —  after  all,  if  people  are 
willing  to  pay  for  good  patch  manage¬ 
ment  then  it’s  most  likely  they’re  satisfied 
with  the  result.  Microsoft  did  incorporate 
some  of  Shavlik’s  technology  in  the 
recently  released  Baseline  Security  Ana¬ 
lyzer,  but  the  standard  patch  release  sys¬ 
tem  that  Redmond  uses  still  leaves  a  lot  to 
be  desired.  I  was  going  to  say  it  was  “one 
beer  short  of  a  six  pack,”  but  the  reality  is 
that  it’s  at  least  three  or  four  beers  short.  If 
you  want  to  get  a  better  handle  on  your 
patching  processes  you  should  visit  each 
of  the  links  listed  above  —  one  is  sure  to 


be  right  for  you. 

Kearns,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired@ 
vquill.com. 


Up  of  the  Week 


This  week  I'm  in  Reston, 

Va  ,  for  NetPro’s  Directory 
Experts  Conference.  If  you're 
there,  stop  me  and  tell  me 
what  improvements  you’d 
like  to  see  in  the  whole 
patching  process.  I  can't 
guarantee  changes,  but  at 
least  I'm  willing  to  listen. 
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analysts  would  let  the  box  fill  up  and  wouldn’t  bother 
with  it,  because  they  didn’t  have  the  time  to  administer 
f  it. 

Unified  Messaging  lets  them  put  messages  up  on  their 
e-mail  screen  —  they  can  see  how  many  messages  they 
have  and  check  them  in  the  order  they’d  like.  So  it 
made  voice  mail  useful  again. The  customer  thought 
this  would  save  their  analysts  10%  of  their  day  Did  this 
allow  them  to  cut  costs  by  reducing  staff?  No.  But  it  did 
make  the  analysts  more  efficient  to  do  their  work 
instead  of  [wasting  time  with  voice  mail  or  missing 
calls] ....  It  varies  all  over  the  map  in  terms  of  how  to 
quantify  the  savings  and  whether  they’re  believable. . . . 
This  is  not  something  that  we’ll  go  in  and  sell.  It’s  some¬ 
thing  that  requires  a  more  consultative  approach. 

What  is  the  climate  among  CIOs  now  in  terms  of  IT  spending? 

Budgets  are  a  little  more  robust,  but  they’re  not  so 
robust  that  anything  goes.They’re  still  husbanding  their 
resources  to  a  certain  degree. 

Are  you  seeing  hard  numbers  in  terms  of  what  customers 
want  in  terms  of  payback  from  an  IP  telephony  system  or 
from  a  IP  telephony  upgrade? 

Not  hard  numbers.  A  year  ago,  they  were  looking  for 
something  close  to  a  one-year  payback  on  a  major  IP 
telephony  project.  Now  they’re  looking  for  something 
closer  to  two.  It  is  loosening  a  bit.  But  in  the  end,  for  our 
business  to  move  forward  robustly  we  are  going  to  need 
to  see  job  creation  and  the  pressures  that  that  puts  on 
companies  to  build  new  facilities  and  add  phones. 

How  would  you  describe  Avaya's  strategy  in  the  IP  telephony 
market  vs.  your  top  competitors? 

Cisco  is  going  to  market  in  their  data  model. They’re 
recruiting  people  who  will  sell  the  LAN  as  well  as  IP 
telephony. That’s  their  real  value  function.  Nortel  is  also 
using  their  traditional  model,  which  does  not  have  a 
large  service  component.  A  major  difference  between 


Nortel  and  us,  even  with  large  buyers,  is  that  they  have 
to  use  distribution  to  get  the  product  and  the  service  to 
customers,  whereas  we  have  a  services  group  of  8,500 
employees  that  does  a  lot  of  direct-touch. 

Our  model  has  been  largely  around  our  base  of  cus¬ 
tomers  and  guiding  them  into  the  adoption  of  this  tech¬ 
nology  We  are  blessed  with  having  the  largest  base  in 
the  U.S.to  do  that.  Our  approach  is  to  build  on  our  tradi¬ 
tional  relationships,  channels  and  so  forth,  but  to  also 
recognize  that  there  are  now  options  for  distribution. 

For  instance,  traditional  data  value-added  resellers  are 
capable  of  doing  VoIP  but  what  they’re  not  capable  of 
doing  is  supporting  a  customer  in  a  mixed  environ¬ 
ment.  So  we’re  approaching  some  of  those  vendors  with 
our  products,  along  with  our  services  and  support  on 
traditional  [telephony  technology] ,  and  giving  them 
product  for  resale  strictly  in  IP 

Is  the  issue  of  VoIP  regulation  something  you  keep  an  eye  on? 

If  you’re  talking  about  arbitraging  local-access 
providers  and  long-distance, yes.  It’s  something  that  we 
pay  attention  to,  for  a  number  of  reasons.  Some  of  our 
products  can  enable  that  —  whether  its  telcos  using 
our  hosted  IP  telephony  products  or  VoIP  products  in 
the  core  of  their  networks;  we  would  like  to  sell  into 
that  market. 

There  is  a  real  regulatory  conundrum  around  VoIRas 
we  have  a  real  spiritual  commitment  of  not  taxing  any¬ 
thing  to  do  with  the  Web.  But  the  reality  is  that  the  Web 
uses  a  lot  of  telco  resources,  at  least  in  providing  its  tele¬ 
phony  services.  We  run  the  risk  of  un-funding  the  tele¬ 
phony  industry  and  things  like  E-91 1  and  subsides  for 
phone  connections  in  poor  and  rural  areas.The  regula¬ 
tors  are  in  a  tough  space;  they’ve  permitted  the  creation 
of  this  real  spiritual  commitment  to  non-regulation  and 
non-taxation  and  it  runs  the  risk  of  undermining  the 
whole  network  model  and  how  it’s  funded.  So  yes,  I 
worry  about  that. 

What  is  the  state  of  research  and  development  at  Avaya?  What 
efforts  at  Avaya  Labs  are  you  most  interested  in? 

We’ve  targeted  R&D  to  be  8%  to  10%  of  revenue.  We’re 
at  8.5%  to  9%  right  now,  and  we’re  pretty  comfortable 
with  that. That  gives  us  about  $360  million  to  $375  mil¬ 


lion  to  spend.  We  think  it’s  very  important  to  keep  up 
that  kind  of  a  spend  rate  . .  .to  keep  us  very  competitive 
in  our  focus,  which  include  IP  telephony  voice  applica¬ 
tions,  and  a  new  area  of  appliances  and  services. 

Some  of  the  things  we’re  focused  on  perhaps  more 
than  our  competitors  is  services.  We’re  using  technolo¬ 
gy  to  advance  that  by  adding  network  management 
and  monitoring  on  a  global  basis  as  a  service  offering. 
In  the  application  realm  and  IP  telephony,  we’re  mostly 
moving  forward  on  our  existing  capabilities,  although 
we  are  looking  at  adjacent  markets  —  unified  commu¬ 
nications  as  an  extension  of  messaging  is  a  good 
example. 

The  appliances  area  is  kind  of  a  new  thing  for  us. 
We’ve  always  sold  proprietary  terminals,  but  in  the 
world  of  IP  the  terminal  is  going  to  be  a  wide  variety 
of  devices,  some  of  them  are  really  consumer  electron¬ 
ics.  We  need  to  figure  out  how  we  play  there.  Our  sys¬ 
tems  will  benefit  from  a  client-server  structure.  So  one 
thrust  is  to  get  our  clients  into  these  devices,  whatever 
they  might  be. 

When  you  bought  a  PBX  you  almost  certainly  had  a 
proprietary  phone. That  proprietary  phone  might  still 
exist  on  the  desk,  but  for  mobility  purposes  we’re 
putting  a  client  in  that  mobile  phone  from  Motorola. 
We’re  putting  softphones  in  PDAs.  We’re  putting  soft- 
phones  in  laptops  and  desktop  devices.  So  the  appli¬ 
ance  becomes  simply  a  software  enablement.  In  the 
extreme,  it’s  a  simple  client.  More  robustly,  it  could  be 
the  softphone  we’re  delivering  on  Windows  devices.  It 
could  be  any  number  of  other  things,  but  we  do 
expect  it  to  be  more  heavily  software-based  than  it  has 
been  in  the  past. 

How  has  Avaya,  with  its  legacy  from  AT&T  and  Lucent  evolved 
from  a  telephone  equipment  company  to  more  open  standards 
and  software-based  products? 

There’s  been  a  step  function.  If  you  go  back  10  or  15 
years,  PBXs  had  proprietary  processors  and  operating 
systems. They  each  have  fallen  by  the  wayside  in  due 
course.  Invariably,  we  have  been  pleasantly  surprised  at 
the  cost  leverage  and  so  forth  that  comes  from  that.  So 
it’s  really  a  matter  of  getting  people  to  embrace  the 
new.B 


"We  have  a  motto  that  says  IT  will  not 
stand  in  the  way  of  what  the  business 
needs  tO  do."  —  Robert  Otto 

2 

■ 


Great  Moments  at  Work. 

Success  Stories  of  an  IT  Hero 


Robert  Otto 
CIO  and  CTO 

The  United  States  Postal  Service, 
Washington,  D.C. 

Robert  Otto  started  his  professional 
career  as  a  clerk.  Today  he  is  the  CIO  and 
CTO  of  the  United  States  Postal  Service®, 
which  processes  about  55  percent  of  the 
world's  daily  mail  volume.  Tasked  with 
reengineering  the  USPS's  technology 
infrastructure,  he's  led  an  effort  to  con¬ 
solidate  and  centralize  disparate  systems, 
standardize  tools  and  vendors,  upgrade 
the  network,  and  embrace  the  Web  and 
wireless  technology. 

Otto  and  his  team  have  built  an  advanced 
computing  environment  that  has  saved 
the  USPS®  some  $50  million  annually. 
More  than  30  Web-enabled  self-service 
applications  help  employees  manage 
items  such  as  health  benefits  and  life 
insurance,  as  well  as  training  on  demand. 

Last  year,  more  than  176  million  con¬ 
sumers  used  the  usps.com  website.  The 
USPS  also  introduced  a  hugely  popular 
desktop  service  called  Click-N-Ship®, 
which  allows  mailers  to  create  their  own 
shipping  labels. 

Great  Moment  at  Work:  "Seeing  the 
positive  impact  this  project  has  had  on  the 
employees  and  customers  of  the  USPS." 

Microsoft  Office  System  salutes  those 
who  have  done  great  work  in  the  IT  field. 
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ustered  storage  technologies  catch  on 


«  BY  DENI  CONNOR 

As  file  sizes  and  data  sets  grow  into  the  terabyte  and 
petabyte  range,  users  are  looking  for  a  method  for 
storing,  accessing  and  sharing  the  files  among  differ¬ 
ent  hosts. 

That’s  where  clustered  and  storage-area  network 
(SAN)  file  systems  come  in. 

Vendors  have  created  software  and  hardware  appli¬ 
ances  that  combine  disparate  file  systems  into  one 
file  system  with  one  name  space. These  appliances 
and  software  improve  users’  ability  to  access  data  and 
share  the  data  with  others  irrespective  of  the  media 
or  host  computer  on  which  it  sits. 

The  technology  these  appliances  and  software  use 
is  known  as  clustered  and  SAN  file  systems.  File  sys¬ 
tems  of  these  types  have  several  advantages  over  dis¬ 
tributed  file  systems: 

•  By  clustering  systems  and  sharing  applications 
and  data,  tasks  can  be  performed  much  more  quickly 
than  they  could  on  individual  machines  because  data 
doesn’t  need  to  be  copied  or  replicated  from  one  file 
system  to  another. 

•  Clustering  provides  more  space  for  files  and  file 
systems. 

•  Management  is  easier  because  only  one  file  sys¬ 
tem  is  being  managed,  not  a  file  system  for  each  stor¬ 
age  device  or  host  computer. 

•  Failover  is  available  because  one  server  in  the 
cluster  can  take  over  the  responsibilities  of  another  if 
it  fails. 

•  Users  have  concurrent  access  to  all  files  located 
on  the  storage  devices  on  their  network. 

Working  as  one 

In  a  cluster,  a  group  of  independent  nodes  or  host 
computers  work  together  as  one  system. They  may 
share  a  common  storage  array  or  SAN  and  have  a 
common  file  system  that  has  one  name  space.  A  tradi¬ 
tional  example  is  HP’s  Tru64  cluster  file  system  used 
in  TruCluster  systems. 

More  recent  implementations  are  from  Cluster  File 
Systems,  Oracle,  Red  Hat,  start-ups  Panasas  and  Spin¬ 
naker  Networks,  and  others.  Red  Hat,  which  acquired 
Sistina  last  year,  released  its  clustered  Global  File 
System  into  the  open  source;  Network  Appliance, 
which  acquired  Spinnaker  Networks,  is  using  its 
SpinCluster  software  to  improve  its  grid  strategy, 
which  clusters  network-attached  storage  (NAS)  and 
SAN  storage.  Oracle  uses  its  Cluster  File  System  on  the 
company’s  Real  Application  Clusters  (Oracle  9i  RAC); 
Cluster  File  Systems  uses  its  Lustre  File  System  to 
build  high-performance  compute  clusters. 

In  the  Lustre  File  System,  Panasas  and  Permabit 
implementations,  individual  servers  are  connected  to 
storage  by  a  metadata  server  or  device,  which  catego¬ 
rizes  each  bit  of  data  so  it  can  be  found  easily. 

Mark  Seager  of  Lawrence  Livermore  National 
Laboratory  and  Scott  Studham  of  the  Pacific 
Northwest  National  laboratory  are  using  the  Lustre 
File  System. 

“Before  we  had  a  file  system  on  every  cluster  and 


had  to  FTP  the  data  between  file  systems,”  says  Seager, 
systems  department  head.  Seager  has  two  1,000-node 
clusters  in  production  today. 

“Better  performance  is  a  key  criteria  for  using  a  clus¬ 
tered  file  system,”  Seager  says.“The  other  issue  for  us 
is  to  not  have  to  replicate  the  data  [to  the  other  clus¬ 
ter]  when  someone  needs  it.” 

Seager’s  group  does  scientific  simulation  and  mod¬ 
eling  with  its  clusters.  Seager  says  it’s  important  to  be 
able  to  read  data  off  the  file  system  and  concurrently 
see  the  results  while  the  simulation  is  still  going  on. 

Steve  Studham,  associate  director  for  advanced 
computing  for  the  Pacific  Northwest  National 
Laboratory  in  Richland, Wash.,  also  is  using  Lustre  for 
its  performance  characteristics  and  size. 

“We  have  a  53T-byte  file  system  that  sustains  perfor¬ 
mance  of  a  little  over  3G  byte/sec,”  Studham  says.“We 
also  have  our  high-capacity  storage  that  has  a  half¬ 
petabyte  file  system  that  will  grow  to  a  little  over  a 


petabyte.”  Studham  uses  the  larger  file  system  for 
scratch  space  for  computational  chemistry,  biology  or 
subsurface  analysis. 

“Sometimes  the  files  are  too  big  to  put  into  the  file 
system  on  one  of  the  nodes  or  the  nodes  need  to 
share  random  locations  in  a  very  large  file  and  you 
need  to  see  the  whole  thing,”  Studham  says. 

Cluster  caveats 

Despite  the  advantages  that  clustered  file  systems 
have,  there  are  caveats. 

“Clustered  file  systems  are  complicated  animals,  and 
they  need  good  support  and  a  knowledgeable  set  of 
technical  people  to  architect  them  and  get  them 
working,”  Seager  says.“We  do  have  a  very  close  rela¬ 
tionship  with  [Cluster  File  Systems]  for  debugging.” 

“Clustered  global  file  systems  are  still  very  hard,” 
Studham  says.“If  you  have  Ph.D.  computer  scientists 
and  people  that  are  brilliant  with  file  systems,  Luster 
is  the  best-performing  one,  and  it  is  the  future.  If  I 
were  a  bank  where  my  employees  are  the  systems- 
administrator-type,  I  would  rather  go  with  a  vendor- 
provided  solution.” 

On  the  other  hand,  SAN  file  systems  connect  servers 


with  storage  and  “virtualize”  the  file  system  environment. 

Terry  Duncan,  chief  of  engineering  and  a  test 
branch  for  the  Beam  Control  division  at  Kirtland  Air 
Force  Base  in  Albuquerque,  N.M.,has  50T  bytes  of 
data  managed  by  ADIC’s  StorNext  FS.  He  uses  it  for 
scientific  image-data  collection. 

“We  take  relatively  large  files  of  up  to  a  gigabyte  in 
size  and  use  a  hierarchical  data  format  to  save  our 
data,”  Duncan  says.“We  have  a  few  million  files  in  our 
large  system.  “We  want  multiple  systems  to  be  able  to 
see  the  same  data  simultaneously  at  a  very  high  rate,” 
Duncan  says.  Some  of  his  files  exceed  a  gigabyte  in 
size.  His  file  system  contains  a  few  million  files. 

Duncan  says  management  is  easier  with  a  SAN  file 
system. 

“For  us, it  is  definitely  easier  to  manage  [our  data],” 
Duncan  says.“If  we  didn’t  have  the  ability  to  write  files 
to  a  common  space  so  they  can  be  accessed  by  a  num¬ 
ber  of  systems  together,  it  would  be  very  hard  to  handle 


the  data  rates  that  we  require.  We’d  spend  a  lot  of  time 
moving  a  half-terabyte  of  data  around  and  doing  analy¬ 
sis  on  it  if  we  didn’t  have  a  single  name  space.” 

“The  StorNext  is  for  when  we  need  much  higher  per¬ 
formance,”  says  Paul  Chapman,  senior  vice  president 
of  technology  at  FotoKem.a  video  post-production 
firm  in  Burbank,  Calif. “The  Isilon  is  used  where  we 
don't  need  the  same  level  of  performance.” 

Chapman  says  deploying  an  appliance  is  much 
easier  than  working  to  implement  a  file  system. 

“The  Isilon  was  much  easier  to  implement,” 

Chapman  says. “You  need  to  look  at  the  nature  of 
your  data  and  what  your  needs  are  with  it. There’s  no 
one  solution  that  does  everything,  which  is  why  we 
have  both  the  Isilon  IQ  and  ADIC’s  StorNext.  Our 
intention  is  to  put  in  a  Linux  cluster  connected  to  the 
Isilon  IQ.”H 


Storage 
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Slicing  up  storage 

A  sampling  of  products  that  allow  concurrent  access  to  files  distributed  among  many  servers  and 


storage  devices. 

Company  name 

Product 

Type  of  file  system 

Operating  systems  supported 

ADIC 

StorNext  FS 

SAN 

Windows,  Linux,  Unix 

Cluster  File  Systems 

Lustre  File  System 

Clustered 

Linux 

IBM 

Global  Parallel  File  System 

Clustered,  SAN 

Linux,  AIX 

IBM 

TotalStorage  SAN  File  System 

SAN 

Windows,  Unix 

Panasas 

ActiveScale  File  System 

NAS 

Linux 

Red  Hat 

Sistina  Global  File  System 

Clustered,  SAN 

Linux 
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■  EMC's  content  management  soft¬ 
ware  division,  Documentum,  has 
purchased  Xerox's  askOnce  tech¬ 
nology  for  integrating  content  from 
disparate  data  sources.  Terms  of  the 
deal  were  not  disclosed.  Documen¬ 
tum  cited  the  acquisition  in  its 
announcement  of  a  product  for 
cross-repository  content  manage¬ 
ment.  Virtual  Repository,  scheduled 
for  release  early  in  the  second  quar¬ 
ter,  is  intended  to  link  structured  and 
unstructured  content  from  internal 
corporate  applications  and  external 
resources.  AskOnce  enables  the 
Virtual  Repository's  integration 
capabilities. 

■  Start  up  Oversight  Technol¬ 
ogies  this  week  will  unveil  an  appli¬ 
ance  called  Oversight  for 
Accounts  Payable.  It  is  designed  to 
reside  in  a  data  center  near  the  ERP 
server  to  periodically  determine  if 
error,  fraud  or  an  intrusion  has 
occurred.  The  device  watches  over 
the  customer’s  payment  process  by 
checking  the  ERP's  database  of 
account  information  and  comparing 
it  with  an  issued  payment.  The  Over¬ 
sight  appliance  is  certified  to  work 
with  the  PeopleSoft  and  JD  Edwards 
ERP  systems  and  will  work  with  SAP 
systems  in  the  future,  the  company 
says.  The  appliance  costs  $85,000. 

■  Vericept  last  week  announced 
anti-fraud  software  that  monitors 
outbound  corporate  IP-based  com¬ 
munications  to  prevent  loss  of  sensi¬ 
tive  data  that  could  lead  to  identity 
theft  Identity  Theft  and  Fraud 
Management  software,  which  runs 
on  a  Linux  server,  passively  scans 
ports  on  switches  and  routers  for 
about  60  categories  of  personal  infor¬ 
mation.  If  the  Vericept  software  sees 
suspicious  activity  leaving  the  organi¬ 
zation  via  HTTP  transfer,  FTP,  e-mail, 
instant  messaging  or  peer-to-peer  file 
sharing,  it  notifies  the  security  man¬ 
ager.  The  anti-fraud  and  identity-theft 
software  is  a  module  that  can  be 
used  with  Vericept  6.0  software. 
Pricing  starts  at  $9,500. 


Microsoft  sold  on  smart  cards 

Software  giant  tightens  up  in-house  security  after  hacker  break-in. 


■  BY  ELLEN  MESSMER 

With  notable  exceptions 
such  as  the  U.S.  Defense  De¬ 
partment,  smart  cards  that 
contain  encryption-based  dig¬ 
ital  certificates  for  signing 
e-mail  or  authenticating  ac¬ 
cess  to  the  network  aren’t  in 
widespread  use  in  the  corpo¬ 
rate  world  even  though  they 
provide  better  security  than  simple  pass¬ 
words.  Microsoft  learned  that  lesson  and  is 
now  a  smart-card  advocate, requiring  every 
one  of  its  55,200  employees  to  use  them  to 


Microsoft's  Jared  Pfost  advo¬ 
cates  for  smart  cards,  which 
provide  two-factor  authentica¬ 
tion  for  enhanced  security  at 
the  company. 

prevent  hacker  break-ins. 

“A  few  years  ago  we  had  a 
break-in,”  says  Jared  Pfost, 
Microsoft’s  group  manager  for 
threat  and  risk  assessment, 
who  is  part  of  Microsoft’s  55- 
member  internal  security  team.  He  says  the 
attack  succeeded  because  the  hacker  got 
ahold  of  reusable  simple  passwords 
belonging  to  Microsoft  employees. 


After  that  incident  —  which  Pfost  could¬ 
n’t  discuss  further  —  Microsoft’s  upper 
management,  including  Chairman  Bill 
Gates,  decided  it  was  time  for  a  radical 
overhaul  in  internal  security  practices  to 
escape  dependence  on  simple  passwords. 
Microsoft  switched  to  smart  cards,  the 
palm-sized  computers  that  can  store  per¬ 
sonal  information  and  play  a  role  in  secu¬ 
rity  in  several  ways. 

Smart  cards  can  be  programmed  to  pro¬ 
vide  physical  access  to  buildings  and 
logic  access  to  networks.  That’s  the  dual- 
use  approach  that  Microsoft  has  for  smart 

See  Smart,  page  26 


Videoconferencing  vendors  embrace  H.350 


■  BY  JASON  MESERVE 

In  an  effort  to  ease  management  of  large 
IP  video  or  even  voice  deployments,  video- 
conferencing  vendors  are  rallying  around 
a  new  specification  that  standardizes  the 
way  endpoint  addressing  information  is 
stored. 

H.350,  the  IEEE  specification  ratified  in 
September  for  storing  IP  video  and  audio 
contact  information  in  a  central  directory 
is  appearing  in  commercial  products,  most 
recently  Radvision’s  Enhanced  Communi¬ 
cations  Server  3.5  gatekeeper  release,  a 
server  that  authorizes  endpoints  on  a  net¬ 
work  and  provides  dialing  plans  such  as 
mapping  a  standard  four-digit  extension  to 
a  device’s  IP  address. 

Unlike  many  “h-dot”  standards,  H.350  is 
not  a  protocol,  but  a  Lightweight  Directory 
Access  Protocol  (LDAP)  schema  that  stan¬ 
dardizes  the  way  endpoint  information 
such  as  IP  address,  H.323  ID  aliases  and 
associated  gatekeeper  domain  name  (such 
as  an  H.323  or  SIP-based  device)  is  stored 
in  and  retrieved  from  a  central  database. 

For  large  corporations,  this  means  rather 
than  maintaining  a  proprietary  database  of 
IP  phone  and  video  endpoint  contact 
information  and  another  for  employee 
names,  addresses  and  phone  numbers, 
everything  can  be  stored  in  the  same 
place.  All  that  is  required  of  the  central 
database  is  that  it  be  LDAP-compatible.  No 
changes  are  needed  to  the  database. 

“Instead  of  treating  voice  and  video  as 
stand-alone  information,  we  can  integrate 


it  with  other  management  applications,” 
says  Tyler  Johnson,  a  telecom  systems  ana¬ 
lyst  at  the  University  of  North  Carolina  at 
Chapel  Hill  and  one  of  the  editors  of  the 
H.350  specification. 

Johnson,  who  is  also  a  lead  engineer  on 
the  ViDe.Net  project  that  is  trying  to  con¬ 
nect  all  the  facilities  on  lnternet2  by  video, 
says  H.350  was  born  out  of  the  need  to 
manage  all  the  universities  and  endpoints 
connecting  to  the  video  network.  “With 
video  and  voice  over  iPjust  a  few  dozen  or 
hundreds  of  users  can  be  tracked  on  an 
Excel  spreadsheet  and  you’ll  be  OK.  But 
when  you  scale  to  thousands  or  tens  of 
thousands  of  users,  it  completely  over¬ 
whelms  the  operating  of  gatekeepers  and 
call  servers,”  he  says. 

Most  likely, VoIP  implementations,  which 
by  nature  will  have  more  users  than  video, 
will  benefit  more  in  the  short  term. 

Before  H.350  adoption,  vendors  such  as 
Radvision  and  Tandberg  used  their  propri¬ 
etary  format  for  storing  the  IP  address  infor¬ 
mation  on  gatekeepers  and  management 


software,  respectively  In  January  Tandberg 
began  supporting  H.350  in  itsTMS  8.0  man¬ 
agement  suite,  letting  any  endpoint  the 
application  manages  —  from  Tandberg  or 
a  competitor — take  advantage  of  a  central 
directory  regardless  of  whether  H.350  is 
supported  in  the  endpoint. 

HCL  Technologies  supports  H.350  in  its 
Session  Initiation  Protocol  servers,  and 
VCON  plans  to  roll  out  support  in  its  MXM 
management  application  in  the  second 
quarter  with  native  support  in  its  current 
line  of  endpoints  by  the  end  of  the  third 
quarter.  A  Fblycom  spokesman  says  the 
company  is  committed  to  the  standard  in 
its  management  products  but  is  not  stating 
any  delivery  dates. 

Even  as  H.350  becomes  more  prevalent 
in  video  and  voice  products,  it’s  not  meant 
for  everyone.’Tt  shouldn’t  be  deployed  in  a 
small  company;  that’s  not  its  use,  not  its 
power;”  says  Christine  Perey  of  Percy  Re¬ 
search  and  Consulting.  She  sees  its  benefit 
for  large  companies  and  service  providers 
with  lots  of  IP  communications  devices.  ■ 
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The  solution  to  ‘offshoring’  problem:  Innovation 


Thomas  Friedman  recently  wrote  an 
excellent  New  York  Times  column  on 
the  topic  of  “offshoring.”  He  con¬ 
cluded, “This  is  a  wake-up  call  for  U.S.  work¬ 
ers  to  redouble  their  efforts  at  education 


and  research.  If  they  do  that . .  .it  will  spur  a 
whole  new  cycle  of  innovation,  and  both 
[the  U.S.  and  India]  will  win.” 

He’s  right,  with  one  important  caveat:  It’s 
not  U.S.  workers  who  need  to  redouble 
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FREE  EVENT  FOR 
QUALIFIED  PROFESSIONALS 


MODERATOR 
Dr.  Jim  Metzler 

DISCOVER  HOW  TO: 

*  deploy  virtual  private  networks 
including  SSL  VPNs  and  IPSec  VPNs 

►  blend  WiFi  with  cellular  data 
services  to  support  mobile  workers 

gain  IOC  Ethernet  speed  on  public 
networks  available  to  desktops 

►  coordinate  solutions  from  diverse 
carriers  and  service  providers 

*•  and  evaluate  the  latest  prevention 
and  detection  security  solutions 

WHO  WILL  BE  THERE? 

►  Expert  Event  Leaders 

Jim  Metzler,  Vice  President, 

Ashton,  Metzler  and  Associates, 
Network  Consultants 

*  Sandra  Gittlen,  Events  Editor  for 
Network  World 

And  leading  WAN  Managers,  Directors 
and  VPs  of: 

►  Planning 

►  Network  Design 

►  Architecture 

►  Telecommunications 

►  Networking 


This  event  is  limited  to  Network  and  IT 
professionals  involved  in  the  evaluation, 
purchase  and  implementation  of  WAN  and 
Network/IT  products  and  services.  Network 
World  Events  reserves  the  right  to  determine 
total  audience  and  profile  of  complimentary 
attendees.  Paid  registration  is  also  available. 
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TOUR 
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InterContinental 
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How  should  your  architecture 
support  on-demand,  automatic, 
or  grid  computing? 

How  should  you  adopt  Web- 
enabled  and  service-oriented 
applications? 

How  should  you  separate  and 
blend  wireless  and  wireline? 


One  year  from  today,  will  you  -  and 

management  -  say  you  made  the  right 
WAN  decisions?  Or  will  you  think, 

‘‘If  I  had  only  known  then  what  I  know  now?"... 
about  emerging  VPN  alternatives.  Secrets  of  VoIP 
deployment.  Balancing  security  and  availability. 
Implementing  service  management  technology. 


You  can  wait  for  answers  or  you  can  attend  WANs:  Survival  of  the  Fittest.. .Fastest.. .Smartest 
the  new  Network  World  Technology  Tour  event  and  get  them  now.  If  you  want  to  be  a  part  of 
the  successful  future  of  WAN,  this  is  a  must-attend,  demo-packed  day.  It’s  the  one  place  to  gain 
across-the-enterprise  tools,  technologies  and  expertise  you  need  to  evolve  an  effective  and 
efficient  WAN,  ready  for  whatever  tomorrow  may  bring. 

Attendance  is  free,  but  access  is  limited  to  network  professionals  who  reserve  in  advance. 

This  exclusive  WAN  event  is  sure  to  fill  fast,  so  register  now. 

Advance  Reservation  by  Qualified  Professionals  is  Required  for  Complimentary  Attendance 

Register  now  at  www.nwfusion.com/WAS4A1  or 
call  1-800-643-4668 
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To  join  sponsors  of  this  premier  Network  World  Event,  please  contact  Andrea  D'Amato  at  1  -508-490-6520 
or  adamato@nww.com  for  free,  no-obligation  information. 


their  efforts.  It’s  the  U.S.  government. 

Before  you  write  me  off  as  another  sup¬ 
porter  of  wasteful  government  spending, 
let  me  explain.  Today’s  Internet  infrastruc¬ 
ture  and  concomitant  productivity  en¬ 
hancements  are  the  direct  result  of  target¬ 
ed  government  spending  during  the  1980s 
and  early  1990s,  when  the  National  Science 
Foundation  directly  underwrote  the  cost  of 
connecting  universities  to  the  ’Net. 

Why?  Scientists  and  engineering  re¬ 
searchers  had  discovered  that  Internet 
connectivity  so  vastly  improved  their  pro¬ 
ductivity  that  a  gap  was  opening  between 
Internet  “haves”  and  “have  nots.”  Intercon¬ 
nected  departments  could  conduct  re¬ 
search  and  generate  new  ideas  in  a  frac¬ 
tion  of  the  time  that  unconnected  folks  re¬ 
quired.  So  they  went  to  the  government 
and  demanded  a  level  playing  field  for  all 
researchers  (which,  as  a  fledgling  particle 
physicist  at  the  time,I  deeply  appreciated). 
Next,  businesses  wanted  in  on  the  game  — ■ 
and  the  Internet  as  we  know  it  was  born. 

This  is  a  common  cycle.  It  happened  with 
computers  —  whose  primary  purpose  ini¬ 
tially  was  to  solve  military  and  scientific 
problems  —  the  Internet,  the  Web  (which 
was  invented  by  particle  physicists)  and 
now  grid  computing.  Technology  innova¬ 
tion  is  often  launched  by  a  few  govern¬ 
ment-funded  laboratory  geeks.  As  a  tech¬ 
nology  gains  wider  industry  acceptance,  it 
creates  well-paying  jobs  for  a  much  larger 
group.  Over  time,  as  the  technical  skill  set 
commoditizes,  salaries  go  down  and  the 
jobs  go  offshore  —  but  a  new  cycle  of  inno¬ 
vation  creates  a  new  round  of  high-paying 
jobs  in  another  technology  area. 

The  key  to  maintaining  this  cycle  lies  in 
continuing  research  and  development 
investment.  We’re  not  talking  exorbitant 
sums  —  the  Internet  backbone’s  opera¬ 
tional  budget  was  a  measly  $10  million  per 
year  in  the  early  1990s.  Although  commer¬ 
cial  research  facilities  can  pick  up  some 
slack,  there’s  an  inherent  conflict  of  interest 
between  the  good  of  corporate  share¬ 
holders  and  the  good  Gf  the  economy.  IBM 
or  Cisco  can’t  be  expected  to  foot  the  bill 
for  technology  innovations  that  might 
potentially  reduce  their  market  value. 

For  that  reason,  the  government  plays  a 
small  but  indispensable  role  in  sustaining 
innovation.  This  isn’t  a  partisan  issue.  Off¬ 
shoring  isn’t  good  because  it  helps  busi¬ 
ness,  or  bad  because  it  hurts  U.S.  workers. 
It’s  the  result  of  a  predictable  economic 
cycle  that  can  benefit  everybody  by  creat¬ 
ing  new  industries  and  continually  stream¬ 
lining  productivity 

So  if  you’re  trying  to  decide  who  to  vote 
for,  keep  in  mind  that  investing  in  technol¬ 
ogy  R&D  is  the  best  way  to  improve  busi¬ 
ness  productivity  and  ensure  a  steady  job 
supply  —  and  grill  your  candidate  of 
choice  for  his  position  on  the  topic. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


SECURITY  »  WIRELESS  »  collaboration  &  VoIP 

»  INFRASTRUCTURE  &  SERVICES  »  PERFORMANCE  &  DATA  CENTER 


Your  role  is  expanding. 

As  business  infrastructure  moves  to  the  forefront,  your  company 
relies  on  you  to  keep  existing  systems  at  peak  performance  while 
tackling  a  broad  range  of  new  requirements.  Securing  wireless 
networks,  implementing  collaboration  technologies,  improving 
regulatory  compliance,  ensuring  business  continuity — all  while 
doing  more  with  less. 

Enterprise  challenges  demand 
end-to-end  solutions. 

As  networking  and  communications  professionals,  you  need  to 
focus  on  an  end-to-end,  system-wide  approach  when  building 
and  optimizing  your  business  infrastructure: 

»  Security  »  Performance 

»  Wireless  »  Data  Center  and  Storage 

»  Collaboration  and  VoIP  »  Infrastructure  and  Services 


Visit  INTEROP.com  for  details  and  registration. 

Save  up  to  $200 — Register  by  April  9. 

Use  Priority  Code:  ADAPZ1ND 


Put  it  all  together. 

Only  NetWorld+Interop  brings  you  the  latest  strategies,  techniques 
and  products  for  every  point  in  your  infrastructure — and  shows 
you  how  they  can  add  up  to  an  integrated,  end-to-end  solution 
that  meets  every  requirement  on  your  list. 

Make  the  connection  at  NetWorld+Interop. 

For  17  years,  NetWorld+Interop  has  helped  networking 
professionals  take  their  enterprises  and  their  careers  to  the  next 
level.  At  NetWorld+Interop  Las  Vegas  2004,  you'll  make  the 
industry's  best  ideas  and  latest  technologies  relevant  to  your 
needs,  and  discover  that  even  the  toughest  networking  challenge 
is  all  in  a  day's  work. 
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Your  mobile  workforce.  An  army  of  productivity  or  multiple  points  of  entry  ripe  for  intruders?  Enter  the  self-defending  network,  with  integrated  security  woven  throughout.  A  line  of 
defense  that  delivers  security  where  security  is  needed.  Wherever  you  do  business.  Inside  the  intranet.  Outside  the  intranet.  Across  the  Internet.  Even  in  hotel  rooms  on  the  other 
side  of  the  planet.  So  your  jet-lagged  mobile  workers  stay  safe  and  secure.  And  your  business  keeps  marching  forward.  To  learn  more  about  how  Cisco  can  help  plan,  design  and 
implement  your  network  security,  visit  cisco.com/securitynow.  SELF-DEFENDING  NETWORKS  PROTECT  AGAINST  HUMAN  NATURE. 
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A  dangerous  combination 
looms,  as  threats  to  your 
company’s  security  morph 
and  intensify  while  you 
extend  your  applications  and 
open  corporate  databases 
to  outsiders.  That  places 
security  at  center  stage  in 
any  new  data  center  plan. 
Inside,  we  spotlight  your 
security  challenges,  from 
managing  multitudes  of 
user  identities  to 
stomping  out 
vulnerabilities. 
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Move  to  the  IP  beat  with  converged  voice  equipment  from  Sprint 

The  new  portfolio  of  Sprint  business  communications  systems  can  help 
put  your  business  in  the  IP  groove.  Fabulously  future-ready  and  totally 
customer-centric,  this  equipment  can  give  you,  your  management  and  even 
your  finance  team  reason  to  dance.  Contact  us  today  to  learn  more  and  to 
locate  a  Sprint  Authorized  Dealer  near  you. 


sprint.com/equipment 


Sprint 


One  Sprint.  Many  Solutions." 


Copyright  ©  Sprint  North  Supply  2004.  Sprint  and  the  diamond  logo  design  are  trademarks  of  Sprint  Communications 
Company  L.P.,  used  under  license.  All  other  trademarks  are  the  property  of  their  respective  owners. 


AN  EDITORIAL 
SUPPLEMENT/^O 
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Rethinking  networked  IT 


SPOTLIGHT 


In  this  second  of  a  six-part  series,  we  spot¬ 
light  security  challenges,  explore  the  latest 
thinking  on  autonomic  computing,  and  take 
a  glimpse  at  one  user’s  development  of  a 
new  data  center  architecture.  In  addition  to 
the  story,  at  right,  on  how  network  infra¬ 
structure  vendors  are  adding  security  func¬ 
tions  to  their  gear,  inside  you’ll  find: 


^  THIS  MEANS  WAR  The  IT  security 

community  arms  for  battle  with  sophisticated 
new  strategies  and  technologies  for  eradi¬ 
cating  worms. 
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An  analyst  < 


OUR  FEDERATED  ID  FUTURE 

lyst  clarifies  identity 
management  standards  and 
explains  how  all  things  lead 
to  federation. 


Plus 


AUTONOMIC  AUTHORITY 


Six  vendor  execs  tell  us  why  autonomic 
computing  is  one  of  the  new  data  center’s 
most  powerful  technologies. 
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AN  APPLICATION  FRAME- 

FUTURE  From  application 
services  to  management  hardware,  semicon¬ 
ductor  reseller  Smith  &  Associates  strength¬ 
ens  its  just-in-time  business  with  new  data 
center  technologies. 


Watch  for  the  third  installment  of  this  six- 
part  New  Data  Center  series,  coming  May  24, 
with  a  spotlight  on  storage. 
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SPOTLIGHT  ON  SECURITY 
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Some  switches  and  routers  now  can 
identify,  prevent  or  at  least  lessen 
the  effect  of  security  threats,  but 
interoperability,  performance  and 
management  are  sticking  points. 


J^s  you  mop  up  after  the  latest  worm  attack  and  chat  with  your  net- 
work  infrastructure  vendors,  talk  inevitably  will  turn  to  preven- 
and  protective  measures.  Chances  are,  your  vendors  will 
encourage  you  to  secure  every  switch  and  router,  making  your  infrastruc¬ 
ture  gear  part  of  the  layered  security  approach  you  are  taking  toward  secu¬ 
rity  under  the  new  data  center. 


You  just  never  know  when  or  where  software 
will  be  waylaid  by  its  next  vulnerability,  the  ven¬ 
dors  will  say.  As  such,  they’ll  argue, switches  and 
routers  should  be  smart  enough  to  be  your 
helpmates  —  able  to  recognize  and  halt  buffer 
overflows, quarantine  infected  or  unknown  clients 
or  help  push  out  patches. 

That’s  a  particularly  logical  gambit  in  discus¬ 
sions  of  zero-day  attacks,  in  which  the  hacker 
games  begin  the  same  day  that  the  software 
vulnerability  is  publicized.  But  just  as  experi¬ 
enced  shoppers  know  that  you  never  ask  a  tire 
salesman  if  you  need  new  tires,  so  do  enter¬ 
prise  network  executives  understand  that  they 
must  do  their  homework  when  vendors  push 
security  frameworks.  That  means,  of  course, 
pushing  back  —  and  hard  —  to  make  them 
prove  their  claims  of  performance,  interoper¬ 
ability  and  management. 

Still, zero-day  attacks  highlight  a  continuing  en¬ 
terprise  challenge:  the  drawbacks  of  the  hard- 
shell/soft-center  architecture  created  by  tradi¬ 
tional  network  security  designs.  Such  designs 
might  make  the  perimeter  harder  than  nails,  but 


that  won’t  stop  a  rogue  internal  user  or  a  cor¬ 
rupted  download  from  making  a  shambles  of 
the  whole  network,  says  Timon  Sloane,  director 
of  product  management  at  Extreme. 

Preventing  the  network  infrastructure  from  turn¬ 
ing  to  mush  is  behind  gear  vendor’s  latest  strate¬ 
gies  such  as  Cisco’s  Self-Defending  Network, 
Enterasys  Networks’  SecureNetworks,  Extreme’s 
Clear-Flow  and  Nortel’s  Unified  Security  Frame¬ 
work.  Everybody  wants  to  make  sure  their  net¬ 
work  equipment  can  help  identify,  prevent  or  at 
least  lessen  the  impact  of  security  threats. 

Cisco  has  the  NAC 

Cisco  has  its  Network  Admission  Control 
(NAC)  program  for  using  network  infrastruc¬ 
ture  devices  to  prevent  the  spread  of  viruses 
and  worms.  NAC,  which  Cisco  defined  with  the 
help  of  anti-virus  vendors  Symantec  and  Trend 
Micro,  falls  under  the 
Self-Defending  Network 
umbrella. 

As  a  start,  Cisco  offers 
Cisco  Security  Agent 


This  story,  Security 
gear,  continues  on 
page  S6. 


ADVERTISEMENT 


Bringing  performance 
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and  reliability  to  Webifi 


ShopNBC 


NetScaler  bundles  the  functions  of  multiple  network 
appliances  to  ease  the  rollout  of  Webified  applications. 


Vertical  industry:  E-commerce 

Problem:  Providing  good  perfor¬ 
mance  for  a  customer  base  domi¬ 
nated  by  dial-up  users. 

Solution:  NetScaler  9800  Secure 
Application  Switch  to  compress 
SSL  and  non-SSL  traffic. 

Result:  33%  improvement  in 
homepage  download  time  over 
dial-up  lines,  from  24-25  seconds 
to  15-16  seconds.  Average  page 
download  time  reduced  one- 
third  to  one-half.  Improved 
shopping  experience  leads 
to  more  revenue. 

Cost  savings:  Postponed  pur¬ 
chase  of  new  servers  for  18 
months;  approximately  $26,000 
per  year  in  reduced  SSL  and  Web 
log  analyzer  licensing  fees;  lower 
administration  costs. 


ShopNBC.com,  the  nation's  fastest 
growing  online  retailer,  sells  prod¬ 
ucts  affiliated  with  the  NBC  televi¬ 
sion  network  as  well  as  an  array  of 
general  mer¬ 
chandise,  from 
computers  and 
jewelry  to 
health  and 
fitness.  The 

“7ssfon  ShopNBC 

acceleration 

capabilities  in  the  NetScaler  9800 
gave  ShopNBC.com  an  immediate, 
noticeable  performance  boost. 
"NetScaler's  products  surpassed  the 
alternatives  in  delivering  the  perfor¬ 
mance  that  our  customers 
demand,"  says  Steve  Craig,  vice 
president  at  ShopNBC.com.  Even 
with  the  Summer  Olympics  coming 
up,  Craig  is  confident  he  won't 
have  to  buy  more  servers  to  keep 
up  with  demand. 


As  companies  continue  to  turn  to  the  Web  to 
deliver  business-critical  applications,  they  learn 
more  and  more  about  its  limitations. 
Applications  can  perform  poorly,  especially 
under  heavy  load  or  when  accessed  via  low- 
quality  connections.  Providing  proper  security  is 
a  seemingly  never-ending  battle,  whether  the 
goal  is  to  protect  personnel  records  and  cus¬ 
tomer  transaction  data  or  simply  to  maintain 
application  availability  in  the  face  of  a  denial-of- 
service  (DoS)  attack.  You've  also  got  to  ensure 
you  provide  appropriate  virtual  private  network 
(VPN)  access  to  critical  applications  for  an  ever 
broader  range  of  employees,  partners  and  end 
customers  —  without  breaking  the  bank. 

Any  one  of  these  issues  could  threaten  the 
overall  return  on  investment  (ROI)  on  your  Web 
application  infrastructure,  whether  it's  used  for 
internal  applications,  an  extranet  that  ties  in 
business  partners  or  a  public  Web  site.  Taken 
together,  the  various  threats  represent  a  poten¬ 
tially  devastating  risk  to  your  ability  to  achieve 
business  goals. 

You  do  have  options  for  addressing  these 
issues  -  perhaps  too  many  options.  Indeed, 
many  separate  appliances  each  purport  to 
address  a  portion  of  the  problem,  including  load 


balancers,  Layer  7  or  "application  switches," 
compression  appliances,  Web  caches,  Secure 
Sockets  Layer  (SSL)  accelerators,  DoS  protection 
systems  and  VPN  gateways.  The  problem  is, 
cobbling  together  numerous  point  products 
increases  complexity  and  interoperability  risks, 
while  raising  capital  and  operating  expenses. 

"We've  spoken  with  many  people  at  enter¬ 
prises  that  operate  internal  or  external  applica¬ 
tions,"  says  Peter  Sevcik,  president  of 
NetForecast,  a  consulting  firm  that  specializes  in 
analyzing  and  improving  application  perfor¬ 
mance.  "The  issues  they're  facing  today  are 
consistent:  How  do  I  roll  out  a  growing  portfo¬ 
lio  of  Web-based  applications  while  controlling 
performance,  hitting  cost  targets,  and  maintain¬ 
ing  data  center  security?" 

Focused  on  application  delivery 

NetScaler,  based  in  Santa  Clara,  Calif.,  has 
a  solution  for  the  problems  Sevcik  describes. 
The  company  developed  its  9000  Series  of 
application  delivery  systems  to  be  the  next 
generation  of  traffic  management  devices. 
The  devices  specifically  address  the  problems 
associated  with  securely  delivering  complex 
enterprise  and  e-commerce  applications  over 


an  often  unpredictable  Internet.  Whether  the 
application  involves  enterprise  employees 
accessing  a  customer  relationship  manage¬ 
ment  program  or  an  online  buyer  booking 
the  latest  concert  ticket,  NetScaler's  9000 
Series  can  be  a  critical  success  factor  in 
ensuring  applications  meet  performance  and 
security  goals. 

Hundreds  of  leading  companies  already 
depend  on  the  NetScaler  9000  Series,  includ¬ 
ing  ShopNBC.com,  the  nation's  fastest  grow¬ 
ing  shopping  network.  ShopNBC  significant- 


"The  issues  they're 
facing  today  are 
consistent:  How  do  I 
roll  out  Web-based 
applications  while  con¬ 
trolling  performance, 
hitting  cost  targets, 
and  maintaining  data 
center  security?" 

Peter  Sevcik,  NetForecast 


ly  boosted  performance  for  its  dial-up  users 
and  delayed  hardware  upgrades  for  at  least 
18  months.  Another  major  retailer,  Pacific 
Sunwear,  which  has  some  880  brick  and  mor¬ 
tar  stores  and  a  growing  Web  presence,  is 
using  NetScaler's  suite  of  integrated  tech¬ 
nologies  to  improve  performance  and  avoid 
thousands  of  dollars  in  bandwidth  upgrades 
(see  stories,  this  and  facing  page). 

Achieving  stellar  performance 

NetScaler  enterprise  customers  report 
reductions  in  response  time  of  50%  or  more 
for  applications  ranging  from  Web-based  e- 
mail  to  CRM,  human  resources  and  financial 
applications  (see  chart,  next  page).  That 
translates  into  less  time  waiting  for  pages  to 
load  and,  ultimately,  increased  employee  pro¬ 
ductivity. 

The  results  are  similar  for  e-commerce  and 
public  content  sites.  Using  the  9000  Series' 
integrated  compression  and  TCP  processing 
capabilities,  ShopNBC.com  was  able  to 
reduce  download  times  for  its  homepage  by 


NetScaler  puts  it  all  together 

NetScaler  9000  application  delivery  systems  combine  numerous  functions 
traditionally  provided  by  separate  appliances,  enabling  you  to  cost- 
effectively  boost  the  performance,  availability  and  security  of  your  Web 
applications. 


Customers 


Remote 
I  employees 


Compression  SSL  Acceleration 

•  Email 

•  ERP 

•  CRM 
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Case  Study  #2 


Pacific  Sunwear 

Vertical  industry:  Retail 

Problem:  Frequently  dropped 
transactions  during  checkout. 

Solution:  NetScaler  9800  Secure 
Application  Switch  to  compress 
data  and  a  new  network  design 
that  incorporated  load  balancing 
between  two  Internet  T3  access 
links. 


Real  customers,  impressive  results 

NetScaler  delivers  significant  Web  application  response  time  improvement. 


Application 

Response  Time  Improvement  (%) 

PeopleSoft 

62% 

Outlook  Web  Access 

58% 

Lotus i Notes 

55% 

e-Commerce  (ShopNBC  custom) 

33% 

Custom  portal  (online  job  search) 

60% 

SOURCE:  NetScaler  customers 


33%  and  all  other  pages  by  one-third  to  one- 
half,  says  Steve  Craig,  vice  president  with 
ShopNBC.com. 

"Before  deploying  NetScaler  systems,  we 
were  faced  with  the  challenge  of  delivering 
complex  applications  to  a  broad  base  of 
users,  many  of  whom  are  still  on  dial-up," 
Craig  says.  "NetScaler  enabled  us  to  improve 
performance  while  minimizing  server  and 
overall  data  center  investments." 

Not  just  faster,  but  more  secure 

At  the  same  time  that  NetScaler  9000 
devices  improve  performance  for  end  users, 
they  also  increase  application  security  as  a 
whole.  NetScaler  offers  a  range  of  attack  pro¬ 
tection  capabilities,  including  application- 
level  intrusion  filtering  to  block  worms  and 

"NetScaler  enabled 
us  to  improve 
performance  while 
minimizing  server 
and  overall  data 
center  investments." 

Steve  Craig,  ShopNBC.com 

viruses  such  as  Code  Red  and  NIMDA.  The 
devices  also  defend  against  various  types  of 
DoS  attacks,  such  as  SYN  floods  and  the 
recent  MyDoom  set  of  attacks. 

"NetScaler  is  used  as  a  primary  or  sec¬ 
ondary  firewall  by  several  customers,"  Sevcik 
says.  After  conversations  with  several 
NetScaler  enterprise  and  public  Web  site  cus¬ 
tomers,  he  says,  "It  became  clear  that  they 
had  a  need  for  packet  filtering  and  attack 
protection,  and  appreciated  the  fact  that  it 
was  solved  as  part  of  an  integrated  device." 

The  security  provided  by  NetScaler  extends 
to  remote  users  who  access  the  network  via 
VPNs.  The  NetScaler  9000  family  supports 
SSL-based  VPNs,  which  enable  remote  users 


of  all  types  to  securely  access  applications 
using  only  a  Web  browser.  SSL  VPNs  can  be 
configured  to  provide  granular  access  to  spe¬ 
cific  applications  and  directories  —  thus  pro¬ 
tecting  the  rest  of  your  enterprise  network  — 
without  the  expense  and  ongoing  complexity 
of  managing  dedicated  client  software. 

Tallying  cost  savings 

While  NetScaler  uses  all  of  these  tech¬ 
niques  to  thwart  illegitimate  traffic,  it  also 
ensures  that  all  legitimate  requests  get 
through,  improving  overall  availability.  Rather 
than  drop  connections,  as  an  overwhelmed 
Web  server  might  during  peak  periods, 
NetScaler  queues  them  up  for  efficient  han¬ 
dling.  Visitors  never  see  the  dreaded  "server 
not  available"  message. 

That  was  an  important  consideration  for 
ShopNBC.com  because  the  site  is  subject  to 
unpredictable  traffic  spikes,  Craig  says. 
NetScaler  enables  Craig  to  take  such  spikes  in 
stride,  rather  than  adding  horsepower  that  will 
go  unused  except  at  peak  times.  Indeed,  he 
figures  he  won't  need  to  add  servers  for  about 
18  months,  while  other  NetScaler  customers 
report  reductions  of  75%  to  80%  in  the  num¬ 
ber  of  servers  they  require.  Several  NetScaler 
customers  report  savings  of  more  than  $1  mil¬ 
lion  by  eliminating  the  need  to  purchase  addi¬ 
tional  servers  to  handle  increasing  loads. 


You  can  also  expect  large  savings  from 
reduced  bandwidth  requirements.  In  many 
instances,  the  compression  feature  alone  will 
save  customers  $20,000  per  month  in  band¬ 
width  costs,  enabling  the  device  to  pay  for 
itself  in  a  matter  of  months. 

While  these  are  all  hard  cost  savings,  the 
improved  performance,  availability  and  secu¬ 
rity  provided  by  the  NetScaler  9000  also 
bring  considerable  "soft"  cost  benefits. 
Consider  the  savings  in  productivity  when 
screens  from  important  internal  Web-based 
applications  paint  50%  more  quickly. 

Consider,  too,  the  IT  productivity  savings 
from  having  a  single  device  provide  functions 
once  performed  by  many  discrete  appliances. 
When  that  same  device  is  able  to  defend 
against  security  threats,  including  DoS  and 
worm  attacks  that  threaten  availability,  you 
can  see  how  quickly  the  ROI  adds  up. 

Most  any  company  that's  relying  on  the 
Web  to  deliver  critical  applications  could 
benefit  from  the  type  of  performance,  avail¬ 
ability  and  security  boost  that  NetScaler  pro¬ 
vides,  Sevcik  says.  "Any  company  that's  doing 
supply  chain  management,  reaching  out  to 
business  partners  or  using  some  customer 
relationship  software  to  address  many  users 
outside  their  own  company  —  all  of  those 
could  benefit." 


Learn  more  about  accelerating 
and  securing  applications 

Go  online  to  view  a  Webcast  with  Peter  Sevcik  about  best  practices  for  improving 
application  delivery  and  to  download  a  free  application  performance  guide. 


[  Visit:  www,nwfusion.com/go/l\letScaMer 


Result:  A  50%  reduction  in  band¬ 
width  utilization  and  "a  signifi¬ 
cantly  improved  customer 
experience,  ultimately  lead¬ 
ing  to  an  increase  in  sales. " 

Cost  savings:  Avoided  $30,000 
investment  in  dedicated  load  bal¬ 
ancer  and  "many  thousands  of 
dollars"  in  bandwidth  upgrades 
and  additional  capital  equipment. 
ROI  achieved  in  two  months. 


Pftcsim 


Pacific  Sunwear  operates  some  880 
brick  and  mortar  stores,  selling  more 
than  30  popular  surf  and  skate  brands 
including  Billabong,  Dickies,  Quicksilver 
and  Fossil. 

Although 
Pacific  Sun¬ 
wear  is  con¬ 
nected  to  the  Internet  by  two  10M  bps 
circuits,  customers  were  experiencing 
dropped  transactions  in  the  middle  of 
the  electronic  checkout  line  during 
high  volume  periods.  The  company's  IS 
department  addressed  this  problem  by 
installing  NetScaler's  9800  Secure 
Application  Switch.  The  NetScaler  sys¬ 
tem's  compression  capability  immedi¬ 
ately  reduced  bandwidth  requirements 
by  50%,  with  no  need  for  customers 
to  download  any  special  software. 

After  the  NetScaler  9000  Series  sys¬ 
tems  were  deployed,  the  congestion 
that  was  at  the  root  of  the  checkout 
problem  was  gone. 

"There's  no  downside  whatsoever  to 
the  NetScaler  installation  -  it's  been  a 
win-win  situation  across  the  board," 
says  Dwayne  Russell,  director  of  techni¬ 
cal  services  for  Pacific  Sunwear.  "Our 
customers  are  extremely  happy 
because  they  have  fast,  reliable  con¬ 
nections  to  the  site.  IT  management  is 
happy  because  we  are  maximizing  the 
utilization  of  our  existing  network 
resources,  and  our  e-commerce  call 
center  team  is  ecstatic  because  the 
dropped  transactions  have  stopped 
entirely.  Marketing  and  merchandising 
are  delighted  because  we've  seen 
marked  improvements  in  sales.  And 
our  finance  team  is  pleased  because 
we  improved  our  site's  performance  at 
half  the  projected  cost." 
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Security  gear,  a  look  at  how  net¬ 
work  device  vendors  are  dealing 
with  security,  continued  from 
page  S3. 


(CSA).  The  CSA  software, 
which  runs  on  user  clients 
and  enterprise  servers, 
authenticates  users  and  pro¬ 
vides  policy-based  access.  If 
users  have  not  updated  their 
desktops  with  the  latest  patch 
for  Microsoft’s  Internet  Ex¬ 
plorer  or  don’t  have  the  latest 
virus’  digital  signature  files,  the 
CSA  would  quarantine  the  non- 
compliant  devices  or  restrict 
access. 

With  this  effort  is  a  focus  on 
tougher  security  for  VPNs.  Cisco 
has  extended  link-layer  encryp¬ 
tion  to  IPSec-  and  Secure 
Sockets  Layer  (SSL)-based 
VPNs.  Previously  available  only 
for  SSL  VPNs,  link-layer  encryp¬ 
tion  ensures  the  security  be¬ 
tween  every  two  endpoints  that 
an  IP  tunnel  traverses  from  ori¬ 
gin  to  destination.  Each  link 
might  use  a  different  encryp¬ 
tion  key  or  algorithm. 

Cisco  also  is  looking  at  certifi¬ 
cate  exchanges  as  a  way  to 
make  positive  identification  of 
a  user  and  handle  identity  man¬ 
agement,  says  Jeff  Platon, senior 
director  of  product  and  tech¬ 
nology  marketing  for  Cisco. 

The  company  also  is  re¬ 
searching  a  VPN  model  that 
goes  beyond  IPSec,  SSL  or  a 
dedicated  service,  creating 
secured  links  between  all 
nodes  on  the  Internet,  he  says. 
That  would  mean  embedding 
ASICs  in  public  and  private 
switches  and  routers  to  use 
link-layer  encryption  that’s 
more  tightly  integrated  to  the 
application  in  use  —  whether 
it’s  e-mail,  an  accounting  pack¬ 
age  or  a  large  e-commerce 
transaction. 


before  —  consultants,  cus¬ 
tomers  and  partners,  for 
example  —  to  this  location. 

“Put  them  somewhere  that 
they  can  be  checked  for 
patches  and  scanned  before 
they  are  given  an  IP  address,” 
Foitag  says.  If  they’re  not  poli¬ 
cy-compliant,  then  the  users 
could  either  open  a  trouble 
ticket  or  go  to  a  self-remedia¬ 
tion  environment. 

But  interoperability  —  or 
the  lack  thereof  —  is  a  prob¬ 
lem. “The  trouble  right  now  is 
that  all  of  that  is  very  specific 
to  a  certain  vendor’s  hard¬ 
ware  and  software,”  Foitag 
says.“If  they  pitch  a  client-spe¬ 
cific  approach  and  say  ‘Re¬ 
place  all  your  switches  with 
this  Cisco  device,’  then  I’m 
not  buying.” 


In  the  holding  cell 

While  Siemens  Energy  and 
Automation  (SEA)  hasn’t  necessarily 
embraced  Cisco’s  whole  NAC  program  or  Self- 
Defending  Network  concept,  it  has  found  the  CSA 
piece  a  godsend.  SEA  relies  on  the  authentication 
software  to  support  almost  11,000  internal  users 
and  multiple  third  parties  accessing  Web-based 
applications,  says  Kathy  Taylor,  information  secu¬ 
rity  officer  at  the  Alpharetta,  Ga.,  company 

This  sort  of  authentication  is  great  for  ensuring 
that  SEA  engineers,  who  spend  more  time  at  cus¬ 
tomer  sites  than  they  do  at  the  home  office,  do  not 
infect  the  internal  network,  she  says.  “We  want  to 
be  able  to  grab  their  devices  and  make  sure 
they’re  up  to  date  when  they  initiate  dial-up  con¬ 
nectivity’ she  says. 


Taylor  says  she  doesn’t  foresee  the  need  to  blan¬ 
ket  SEAs  switches  and  routers  with  Cisco  security 
software,  but  cautions  that  she  views  the  issue 
from  a  WAN-facing  perspective. 

A  product  such  as  CSA  is  an  easier  business 
case  to  make  than  security  software  for  all 
switches  and  routers,  perhaps  in  part  because  it 
deals  with  a  specific  piece  of  the  network  and  a 
few  critical  functions, she  says. 

A1  Foitag,  chief  network  architect  for  a  major 
Hollywood  movie  studio  that  he  doesn’t  want 
named,  also  likes  the  idea  of  being  able  to  quar¬ 
antine  users  —  building  what  he  calls  a  “jail  net¬ 
work.”  He  would  send  users  who  can  be  authen¬ 
ticated  but  who  have  not  been  on  the  network 


Mining  switch  security 

While  we  might  be  several 
versions  shy  of  interopera¬ 
ble  security,  vendors  are 
pushing  ahead  with  new 
enrichments.  Extreme  has 
focused  on  embedding  se¬ 
curity  functions  into  its 
BlackDiamond  10K,  a  10G 
Ethernet  switch.  BlackDia¬ 
mond  features  Clear-Flow  to 
detect  network  anomalies 
such  as  viruses.  Clear-Flow 
can  provide  detailed  views  of 
network  traffic,  examining  all  traffic  destined  for 
the  accounting  server  or  all  telnet  packets, 
Sloane  says.  It  just  depends  on  the  policy  the 
user  wants  to  implement. 

Clear-Flow  also  can  filter  traffic  and  track  how 
many  kinds  of  certain  events  are  taking  place, 
such  as  SYN  packets  flooding  a  server  (a  precur¬ 
sor  to  a  denial-of-service  attack)  or  how  many 
new  connections  are  being  initiated  from  a  net¬ 
work  node  (a  sign  a  worm  is  propagating  itself). 
When  these  events  hit  certain  thresholds,  Clear- 
Flow  immediately  will  direct  the  traffic  off  the  net¬ 
work  to  mirror  ports  and  send  alerts  to  network 
administrators. 


See  Security  gear,  page  S8 
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Take  control  of  your  Internet  security. 


Introducing  Proventia™  Enterprise  Protection  Products.  Just  because  Internet  threats  are 
complex,  doesn't  mean  your  security  has  to  be.  Finally,  a  single,  unified  protection  appliance 
that  protects  more  with  less,  eliminating  the  cost  and  chaos  of  multiple  stand-alone  security 
products.  Proventia’”  centrally-managed  products  range  from  detection  up  to  completely 
unified  and  proactive  multi-function  protection  appliances,  combining  firewall,  intrusion 
prevention  and  anti-virus  technologies.  Take  control  of  your  enterprise  security.  Switch  to 
Internet  Security  Systems  today.  800-776-2362.  www.iss.net/takecontrol. 
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Security  gear 

continued  from  page  S6 

Clear-Flow  also  can  activate  specific  network 
policies  when  certain  conditions  appear.  For 
example,  it  can  quarantine  the  accounting 
server  or  block  telnet  traffic  at  all  network 
ingress  points. 

Clear-Flow  can  support  128,000  rules  or  policies 
and  penetrate  into  incoming  packets  to  check 
digital  signatures  or  for  a  code  string  associated 
with  a  certain  virus,  for  example. 

While  these  Clear-Flow  capabilities  are  only 
available  now  on  the  Extreme’s  10K  switch,  the 
long-term  plan  is  to  enable  them  across  its  entire 
product  line. 

In  principle,  this  type  of  approach  to  network 
security  is  great,  says  David  Silversmith,  CTO  of 
Carfax,  an  automobile  sales  and  information 
Web  site.  But  he  points  out  two  problems  with  it. 
The  first  is  the  overhead  added  to  each  network 
infrastructure  device  when  it  becomes  security- 
enabled.  The  second  is  device  management 
gets  more  difficult  when  security  functions 
are  added. 

Silversmith  compares  adding  anti-virus,  fire¬ 
wall  and  intrusion-detection  features  into 


switches  and  routers  to  the  all-in-one  printer, 
copier  and  scanner  device  that  locks  up  all 
functions  if  one  fails. 

“When  I  add  nine  things  to  the  router,  will  1 
reduce  its  reliability?”  he  asks. 

As  an  e-commerce  site,  Carfax  cannot  risk  a 
performance  impact.“Running  slow  is  almost  as 
bad  as  being  down,”  he  says. 

Foitag  and  Silversmith  point  out  that  manage¬ 
ability  and  interoperability  are  big  issues  that  beg 
the  question  of  whether  switches  and  routers  are 
the  best  places  to  house  a  rich  menu  of  security 
services. 

“Getting  security  functions  tangled  up  in  very 
expensive  switches  means  that  upgrading  to 
new  capabilities  will  be  slower  and  more  ex¬ 
pensive,”  says  John  Pescatore,a  Gartner  security 
analyst. 

Firewall  vendor  NetScreen  Technologies  has 
added  many  application-level  intrusion-preven¬ 
tion  features,  but  Cisco  has  little  capability  in 
that  area,  Pescatore  says. 

Switches  and  routers  have  broader  reach,  and 
that  level  of  complexity  takes  time  to  develop 
and  implement  —  just  ask  Microsoft.  But  that 
didn’t  stop  Juniper  from  acquiring  NetScreen  in 
a  stock  transaction  valued  at  $4  billion. That 


deal,  expected  to  close  in  the  second  quarter, 
should  give  Juniper’s  enterprise  customers  richer 
embedded  security  features  in  its  M-series  of 
high-capacity  edge  routers. 

As  enterprise  users  investigate  new  network 
infrastructure,  they  need  to  be  aware  of  hackers’ 
remarkable  innovation  and  flexibility. 

If  companies  are  hampered  by  a  switch  oper¬ 
ating  system  and  a  blade  architecture,  and  can 
only  apply  security  where  the  switch  is,  their 
reaction  time  is  going  to  be  longer.  That 
becomes  a  problem  as  zero-day  worm  attacks 
become  the  norm. 

As  with  other  big-ticket  network  purchases,  prag¬ 
matism  will  guide  most  enterprise  security  buyers. 
The  layered  approach  permits  them  to  add  where 
they  can  or  where  they  must,  without  making 
wholesale  changes  to  their  network.  And  they  can 
implement  security  policies  for  different  depart¬ 
ments  or  equip  a  location  with  application-level 
protection. 

And  that’s  a  welcome  change  from  tire  sales¬ 
man  tactics. 

Sweeney  is  a  writer  and  editor  in  Los  Angeles 
who  has  covered  IT  and  networks  for  20  years. 
He  can  be  reached  at  terry@tsweeney.com. 


Network  vendor  security  plans 


Network  infrastructure  vendors  want  to  be  part  of  the  enterprise  security  solution.  Here’s  a  look  at  what  some  switch 
and  router  vendors  are  up  to: 


Vendor  initiative 

Components 

Notes 

Cisco’s  Self-Defending 

Network 

Network  Admission  Control  (NAC):  Identifies  and  quarantines  noncompliant 
and  un-patched  systems,  then  securely  corrects  them.  Includes  the  Cisco 
Security  Agent  (CSA)  and  the  CiscoTrust  Agent  (CTA). 

CSA:  Intrusion-prevention  software  that  resides  on  a  PC  and  server,  and  acts 
as  a  distributed  firewall.  CSA  identifies  and  prevents  malicious  behavior 
before  it  can  occur  and  communicates  the  information  to  the  CTA. 

CTA:  Endpoint  software  that  collects  security  state  information  from  anti¬ 
virus  clients,  for  example.  It  communicates  the  information  back  to  a  central 
management  area. 

Cisco  is  studying  identity-management 
capabilities  using  certificate  exchanges, 
and  is  examining  next-generation  VPN 
capabilities. 

Enterasys’ 

SecureNetworks 

XSR  Security  Router:  A  hybrid  routerfor  regional,  branch  and  remote  offices 
that  combines  WAN  interfaces,  VPN  access  and  a  stateful  inspection  firewall. 
Dragon:  An  intrusion-defense  system  that  identifies  threats,  issues  alerts 
and  provides  forensic  detail.  User  Personalized  Networking  software  intervenes 
to  isolate  and  contain  intrusions  before  they  can  do  harm. 

Enterasys  last  month  announced  Dynamic 
Intrusion  Response,  a  combination  of  IDS, 
network  management  and  policy-based 
switching,  with  the  aim  of  shortening  re¬ 
sponse  times  to  security  threats  and  pro¬ 
viding  higher  levels  of  enterprise  security. 

Extreme’s  Clear-Flow 

Clear-Flow:  Switch  software  that  augments  network  monitoring  tools  with 
mirror  ports  for  sniffers  to  look  at  RMON,  Netf low  and  S-f low  traffic.  Clear- 
Flow  gives  IT  a  detailed  view  of  the  traffic  of  a  department,  a  protocol  type 
or  an  individual  user.  Policy  violations  trigger  quarantines. 

While  Clear-Flow  is  available  only  for  the 
BlackDiamond  10K  10G  Ethernet  switch, 
Extreme  plans  on  rolling  it  out  across  its 
entire  product  line. 

Foundry  Networks’ 
IronShield 

With  IronShield  security,  Foundry  switches  and  routers:  Monitor 
source  and  destination  addresses  to  protect  against  denial-of-service 
attacks.  Protect  firewalls,  servers  and  otherTCP  devices  against  excessive 
TCP  and  User  Datagram  Protocol  traffic  rates.  Provide  access,  authorization 
and  accounting  for  network  devices. 

IronShield  is  available  for  all  of  Foundry's 
Layer  2-Layer  7  switches,  routers  and 
intelligent  traffic  management  devices. 

Nortel’s  Unified 

Security  Framework 

Nortel's  Unified  Security  Framework  organizes  security  into  three  layers. 
Network  Security:  Provides  security  functions  to  physical,  link  and  data  levels. 
Network-Assisted  Security.  Provides  security  functions  to  transport,  session, 
presentation  and  application  levels. 

Application  Security:  Provides  security  for  all  application,  server  and  storage 
platforms. 

The  Unified  Security  Framework  is  available  across  all  Nortel  products,  including 
Optivity,  Contivity  and  Alteon  gear. 

Nortel  has  parallel  efforts  to  equip  all 
network  elements  overtime  with  policy 
authorization;  firewall  and  intrusion  de¬ 
tection;  robust  password  management; 
audit  trails;  encrypted  network  manage¬ 
ment  traffic;  and  public-key  infrastructure- 
enabled  functions. 
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Can  your  network 
chase  off  hackers? 


AT&T  NETWORK  SECURITY  PORTFOLIO.  Can  your  network  drive  hackers  crazy?  Can  it  keep  your  data 
accessible  24/7  to  the  people  who  need  it,  while  building  a  brick  wall  in  front  of  those  who  don’t?  AT&T 
delivers  a  broad  portfolio  of  integrated  network  security  solutions  backed  by  experts  that  assess,  monitor, 
detect  and  resolve  security  issues  before  they  become  security  breaches.  It’s  just  what  you’d  expect  from 
the  networking  company  that  carries  more  Internet  traffic  than  anyone  else  in  North  America.  In  fact,  every 
day,  our  networks  repel  thousands  of  hackers  and  send  them  back  to  the  video  arcades  from  which  they 
came.  CAN  YOUR  NETWORK  DO  THIS?  For  a  positive  answer,  just  call  1-888-889-0234. 


AT&T 

The  world's  networking  company5** 
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At  any  given  moment,  your 
operations  are  vulnerable  to 
attacks.  Hackers,  viruses  and 
intrusions  can  wreak  havoc  on 
your  network  and  can  disrupt 
and  cripple  key  business 
processes  and  assets  -  costing 
your  business  time  and  money. 

AT&T  can  recommend  and 
provide  security  measures 
that  help  prevent  intruders 
from  compromising  your 
networks,  servers,  information 
and  applications  -  protecting 
your  business  by  strengthening 
the  availability  of  your  IT  and 
networking  environment. 

Now  that’s  keeping  your 
business  secure. 

•  The  fully  managed  security 
solutions  provide  simplified 
design,  deployment  and 
management. 

•  Completely  tailored  to  meet 
your  business  security  needs. 


AT&T’s  security  solutions  do  a  number 
on  hackers,  viruses  and  intrusions 
so  they  don’t  do  one  on  you 


AT&T  delivers  a  powerful  suite  of  integrated  security  solutions  that  can  assess 
vulnerabilities,  protect  against  unauthorized  access,  proactively  detect  attacks, 
and  rapidly  respond  to  suspicious  activities  or  events.  It’s  like  a  virtual  security 
guard  to  help  protect  your  network  from  unwanted  intruders. 

AT&T’s  Network  Security  Portfolio  offers  a  broad  array  of  services  that  include: 

•  Intrusion  detection  and  firewall  services 

•  Token  and  Public  Key  Infrastructure  (PKI)  authentication 

•  Network  scanning  services 

And  coupled  with  AT&T’s  professional  networking  expertise  in  the  area  of  ethical 
hacking,  policy  development  and  assessment  services  for  a  secure  solution. 


WHAT  THE  INDUSTRY  IS  SAYING: 


•  Offers  significant  savings  in 
capital  and  operating  costs 
verses  a  seif-managed 
solution. 

•  Provides  expert  security 
networking  and  24x7 
network  monitoring. 


AT&T  [Managed  Security  Services]  was  awarded  the  Customer  Solutions 
Excellence  Award  -  “For  implementing  extremely  flexible  management 
offerings,  being  the  first  to  bring  application  security  services  to  the 
market,  and  offering  the  widest  array  of  services  in  the  industry,  AT&T 
[Managed  Security  Services]  is  awarded  the  Customer  Solutions 
Excellence  Award."  -  Frost  &  Sullivan,  July  2003 


For  more  information,  contact  your  AT&T 
Representative,  or  visit  www.att.com/networking. 


AT&T  Network  Security  Portfolio.  ©2004  AT&T.  All  Rights  Reserved.  Printed  in  U.S.A.  AB-0164 


4Hu 


The  IT  security  community  arms  for  b 
with  sophisticated  new  strategies  and 
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technologies  for  eradicating  worms. 


■  BY  BOB  VIOLINO 


Assaults  such  as  the  recent  Bagle  and  MyDoom 
Ll  V worms  prove  once  again  that  “malware"  at- 
tacks  —  viruses  and  worms  —  are  not  only 
growing  more  prolific  but  also  more  sophisticated.  And  this 
is  only  the  beginning,  the  IT  security  community  fears. 


As  their  companies  become  more  interconnected  via  new  data  center 
technologies,  network  security  officers  and  their  security  vendors  worry 
about  the  next  generation  of  such  attacks,  called  "superworms.”  This 
malware  would  feature  the  most  potent  elements  of  existing  worms  and 
be  aimed  at  specific  targets, 

"In  the  past,  viruses  never  spread  far  because  people  had  to  execute 
them  and  we  could  develop  virus  signatures  to  counteract  them,"  says 
Steven  Hofmeyr.  chief  scientist  at  Sana  Security,  an  intrusion-prevention 
software  vendor.  "Worms  spread  very  rapidly  because  there's  no  human 
intervention.  We  need  different  mechanisms  for  dealing  with  them.” 

It's  war.  and  network  managers  and  security  vendors  have  only  just 
begun  fighting  back.  They're  exploring  new  technologies  and  launching 
creative  efforts  to  counter  attacks  that  cost  billions  of  dollars  in  fixes  and 
lost  productivity. 


Mixing  old  tactics  with  new 

To  protect  their  companies  against  today's  fast-moving  malware,  net¬ 
work  executives  are  combining  aggressive  policies  with  new  and  existing 
technologies.  For  instance,  The  Weather  Channel  in  Atlanta  uses  Mail- 
Marshal  from  NetIQ.  The  product  blocks  e-mail  messages  with  suspected 
viruses  as  if  they  were  spam.  When  SoBig.F  hit  in  June  2003.  The  Weather 
Channel  immediately  grabbed  the  details  about  the  content  of  SoBig.F 
messages  and  loaded  that  data  into  MailMarshal  to  filter  inbound  mail, 
says  Christina  Neustadt,  director  of  customer  service  at  The  Weather 
Channel.  Consequently,  it  quickly  stopped  infected  attachments  without 
disrupting  legitimate  e-mail. 

Neustadt  says  the  company,  which  filters  out  as  spam  about  half  of  the 
100.000  Or  so  e-mails  received  per  day.  is  aware  that  some  zero-day  vi¬ 
ruses  could  slip  through.  Zero-day  viruses  are  new  attacks  that  appear 
before  anti-virus  companies  have  had  a  chance  to  release  fixes.  To  deal 
with  those  attacks,  The  Weather  Channel  uses  Network  Associates' 
McAfee  anti-virus  software,  which  scans  all  desktop  machines  daily,  The 
company  is  exploring  intrusion-prevention  technology,  subscribes  to 
CERT  advisories  and  analyzes  anti-virus  sites.  “We  do  a  lot  of  upfront  due 
diligence,  constantly  trolling  for  what  may  be  out  there. "  Neustadt  says. 

Texas  Tech  University  in  Lubbock  was  plagued  with  viruses  —  73  to  100 


Sure,  Joe  Green,  assistant  vice  president  of  techp 
services  for  Texas  Tech  University,  leans  on  techn 
to  defend  against  malware,  but  he  also  uses  an-& 
incident-response  team. 


An  analyst  clarifies  identity  management  standards,  explaining 
how  all  options  lead  to  federation. 


■  BY  JAMES  KOBIELUS 


ederation  is  the  domi¬ 
nant  trend  in  identity 
management.  But  many 


users  still  aren’t  sure  what  feder¬ 


ated  ID  management  is,  how  it  can 
benefit  them  or  how  they  can 
implement  it  as  part  of  the  evolv¬ 
ing  new  data  center  architecture. 

Essentially;  federated  ID  management  is  a 
result  of  the  modern  world  of  distributed  net¬ 
work  services  and  refers  to  establishing  trust 
relationships  among  decentralized  security  and 
policy  domains.  With  a  federated  ID  environ¬ 
ment,  a  layer  of  abstraction  is  implemented  over 
legacy  identity  and  security  domains.  Using  stan¬ 
dardized  methods,  each  domain  can  share  its 
local  identity  and  security  information  while 
retaining  its  own  internal  directory,  meta¬ 
directory  account  provisioning  and  public-key 
infrastructure  services. 

Many  IT  professionals  have  heard  of  federated 
ID  initiatives  such  as  the  Security  Assertion 
Markup  Language  (SAML),  Liberty  Alliance  and 
WS-Federation,  but  aren’t  clear  on  whether,  how 
and  to  what  extent  these  specifications  overlap 
or  complement  one  another.  They  wonder 
whether  the  technology  is  ready  to  use  in  their 
new  data  center  architectures.  Rest  assured,  fed¬ 
erated  ID  deployment  is  growing  rapidly  deliver¬ 
ing  solid  benefits  for  pioneers  even  as  standards 
makers  work  to  ease  the  way  toward  tomorrows 
implementations. 


Standards  emerge 

The  primary  federated  ID  standards  vying  for 
a  place  in  your  infrastructure  are  SAML  1.1, 
Liberty  Alliance  Identity  Federation  Framework 
1 .2  (1D-FF)  and  Identity  Web  Services  Frame¬ 
work  1.0  (ID-WSF),  and  WS-Federation  1.0. 

While  implementing  custom-built  federated  ID 
See  Federated  ID,  page  SI  4 


You  take  your 
company's 
infrastructure 
security  seriously. 

So  do  we. 


Security  is  a  primary  concern  for  all  of  us.  That's  why  we've  developed  an  array  of  new  tools  and  guidance, 
centralized  at  microsoft.com/security/IT.  It's  a  resource  you  can  turn  to  for  timely  news,  education,  and  tools, 
all  intended  to  help  you  better  plan  and  manage  the  security  strategy  that's  right  for  your  company. 


Take  advantage  of  the  latest  tools  and  training  at 

Free  Security  Training 

Register  for  free  security  management  training, 
including  a  Security  Summit  in  a  city  near  you,  weekly 
security  Webcasts,  and  in-depth  e-learning  designed 
to  help  you  improve  your  security  infrastructure. 

Free  Tools  and  Updates 

Streamline  patch  management  with  free  tools 
such  as  Microsoft®  Software  Update  Services. 
Download  software  like  Microsoft  Baseline  Security 
Analyzer  to  verify  that  your  systems  are  configured 
to  maximize  security. 


microsoft.com/security/IT. 

Free  Emergency  Notifications 

Sign  up  to  stay  up-to-date  with  the  latest 
vulnerability  assessments,  mitigation  advice, 
and  patch  availability. 

Free  Security  Guidance  Kit 

Evaluate  detailed  guidance  and  templates, 
then  pre-order  your  free  CD-ROM  with  roadmaps 
and  how-to  guides.  Learn  how  measures  like 
automating  security  patch  installation  and 
blocking  unsafe  e-mail  attachments  can  help 
better  protect  your  organization. 


Go  to  microsoft.com/security/IT 


For  ongoing  guidance  to  help  better  plan  and  manage  your 
company's  IT  security,  go  to  microsoft.com/security/IT  today. 

Microsoft 
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environments  also  is  possible, 
such  interfaces  aren’t  easily 
extensible  to  new  partners  and 
applications.  That’s  what  one 
multinational  financial  services 
firm  found  when  it  built  a  federated 
business-to-business  ID  environment 
using  a  proprietary  approach.The  firm’s  fed¬ 
erated  ID  environment,  built  three  years  ago,  lets 
employees  log  on  to  an  internal  employee  portal 
and,  through  that  site,  access  partner  Web  sites. 
They  do  so  on  a  single  sign-on  (SSO)  basis. 

“With  [the  emergence  of]  SAML,  we’ve  gotten 
push  back  from  external  partners  because  our 
federation  approach  is  proprietary  That  has  spur¬ 
red  us  to  implement  SAML,  which  has  come  up  as 
a  top  priority’  says  a  project  leader  for  Web  ser¬ 
vices  security  at  the  firm  who  asked  not  to  be 
named. 

Indeed,  with  standards  development,  the  num¬ 
ber  of  companies  that  have  built  federated  ID 
production  and  pilot  implementations  contin¬ 
ues  to  grow.  Burton  Group  estimates  many  more 


than  100  federated  ID  production 
implementations  have  launched 
throughout  the  corporate  world. 

Many  of  these  implementa¬ 
tions  involve  SAML-enabled  Web 
access  management  tools  from 
vendors  such  as  Computer  Assoc¬ 
iates,  Entrust,  Entegrity,  HE  IBM 
Tivoli,  Netegrity  Novell,  Oblix,  Open- 
Network,  RSA  Security  and  Sun.  An  open 
source  implementation  of  SAML  also  is  avail¬ 
able  through  www.opensaml.org. 

When  companies  turn  to  SAML,  they  do  so  for 
internal  and  business-to-business  SSO,  but  usually 
in  phases,  depending  on  where  their  needs  for  fed¬ 
erated  ID  are  strongest.“We’re  already  doing  SAML, 
but  only  in  limited  external  federation  deploy¬ 
ments,”  says  Mike  Beach, associate  technical  fellow 
at  Boeing  Shared  Services  Group  in  Seattle.  Boeing 
has  implemented  two  business-to-business  pro¬ 
duction  deployments  of  SAML  for  SSO  with  cus¬ 
tomers,  plus  has  several  others  in  discussion. 

“The  great  thing  about  using  the  SAML  standard 
is  we  can  provide  interoperability  even  with  dif¬ 
ferent  vendor  products  at  the  end  points,”  Beach 
says. “We  even  have  a  successful  integration  with 


Three  Liberty  standards 

The  alliance  remains  hard  at  work. 

Although  the  Liberty  Alliance  has  turned  over  one  of  its  standards,  Liberty  Alliance  Identity 
Federation  Framework  1.2,  to  the  Organization  for  the  Advancement  of  Structured  Inform¬ 
ation  Standards,  the  alliance  continues  work  on  Identity  Web  Services  Framework  1.0  and 
Identity  Service  Interface  Specifications. 

ID-FF  1.2  establishes  federated,  multilateral  trust  relationships  across  Liberty-enabled  iden¬ 
tity  domains,  known  as  circles  of  trust,  while  enabling  identity  federation,  account  linking  and 
single  sign-on  with  privacy  protection.  This  standard  has  become  the  basis  of  OASIS'  next 
major  federated  ID  management  standard,  Security  Assertion  Markup  Language  2.0. 

ID-WSF  1.0  enforces  detailed  policy  controls  through  permission-based  attribute  sharing 
that  governs  exchange  of  identity  information  across  Liberty  ID-FF  1.2-based  circles  of  trust. 

ID-SIS  1.0  expands  the  range  of  application  services  that  can  use  Liberty  ID-FF  1.2  and  ID- 
WSF  1.0.  To  date,  Liberty  has  published  two  ID-SIS  1.0  specifications:  the  ID-SIS  Personal 
Profile  Service  and  the  ID-SIS  Employee  Profile  Service.  The  alliance  will  work  with  other 
groups  to  extend  the  core  identity  schemas  defined  under  those  groups'  standards,  such  as 
standards  for  contact  books,  geolocation,  presence,  calendaring,  wallet  and  other  network  ser¬ 
vices.  These  schema/protocol  extensions  will  let  various  application  environments  leverage 
core  Liberty  features,  including  account  linking,  single  sign-on,  global  session  logout  and 
permission-based  attribute  sharing. 


V. 


James  Kobielus 
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What  about  Shibboleth? 

This  open  source  effort  seems  confined  to  research  environments  for  now. 

The  Liberty  Alliance's  standards  aren’t  the  only  federation  specifications  that  leverage  and 
extend  Security  Assertion  Markup  Language  1.x.  Another  SAML-based  federated  ID  manage¬ 
ment  environment,  called  Shibboleth,  has  taken  root  among  higher  education  and  research  insti¬ 
tutions  involved  in  the  Internet2  project.  About  40  U.S.  campuses  participate  in  the  Shibboleth  ID 
federation  environment,  which  lets  them  leverage  local  logons  for  secure  but  anonymous  access 
to  information  resources  hosted  at  other  institutions. 

The  Shibboleth  community  has  built  its  federation  environment  on  the  OpenSAML  code  base. 
However,  the  community  has  defined  many  extensions  to  enable  user  anonymity,  privacy  protec¬ 
tion  and  other  features  not  supported  in  the  core  SAML  1.x  standard.  The  Shibboleth  project, 
which  began  developing  its  federation  architecture  four  years  ago,  provides  its  code  base  on  an 
open  source  basis.  The  project  is  entirely  separate  from  the  Organization  for  the  Advancement  of 
Structured  Information  Standards'  Security  Services  Technical  Committee  (which  defines 
SAML)  and  the  Liberty  Alliance.  Unlike  SAML  and  Liberty,  there  are  no  commercial  products  or 
services  that  implement  the  Shibboleth  code  base  or  specifications. 

—  James  Kobielus 


an  open  source  SAML  implementation.” 

Liberty-based  federations  are  fewer  than  pure 
SAML  implementations  but  are  becoming  more 
prevalent.  MarviQ,  a  Dutch  application  service 
provider  and  systems  integrator,  has  implemented 
a  hybrid  Liberty/SAML-based  federated  ID  envi¬ 
ronment  for  some  customers,  and  within  its  own 
intranet.lt  chose  SAML  1.0  as  a  basis  for  federated 
ID.  “[However],  since  [SAML  1.x]  only  supports 
transmission  of  security  data,  we  needed  to  fill 
some  gaps,  such  as  global  logoff.  We  used  parts  of 
ID-FF  for  that. Currently  we  are  working  for  one  of 
our  customers  to  get  this  to  comply  to  ID-FF  fully 
and  maybe  ID-WSF  as  well.  I  find  the  Liberty  spec¬ 
ification  the  most  elegant  way  to  implement  fed¬ 
erated  identity  systems,”  says  Jaap  Gorjup,  lead 
architect  for  security  and  ID  management  at 
marviQ  in  Amsterdam. 

Microsoft  and  IBM  are  the  primary  developers  of 
WS-Federation,  one  of  several  WS-*  specifications 
the  two  companies  worked  on.  This  specification 
doesn’t  build  on  SAML  1.x,  although  it  is  similar  to 
the  SAML  and  Liberty  specifications.  WS-Fed- 
eration  addresses  the  same  broad  functionality  as 
Liberty’s  ID-FF  1 .2,  including  support  for  multilat¬ 
eral  identity  federation,  account  linking,  SSO  and 
privacy  protection.  And,  like  SAML  and  Liberty  WS- 
Federation  implements  its  profiles  primarily 
through  browser  redirections  and  a  request/reply 
protocol  for  exchanging  security  tokens. 

Unlike  Liberty  and  SAML,  WS-Federation  is  ag¬ 
nostic  to  the  tokens  whether  its  username/ 
password  pairs,  Kerberos  tickets,  X.509  certifi¬ 
cates  or  SAML  assertions  —  used  for  federated 
security  services. This  is  because  WS-Federation 
references  WS-Security  and  inherits  that  specifi¬ 
cation’s  support  for  a  broad  range  of  tokens. 

But  WS-Federation’s  road  map  is  uncertain.  WS- 
Federation  1.0  was  announced  by  Microsoft  and 
IBM  last  July.  But  these  vendors  have  not 
announced  plans  to  turn  WS-Federation  over  to 
OASIS  or  any  other  standards  group,  pending 
ongoing  workshops  and  interoperability  tests  with 
customers. 

Standards  evolution 

The  Security  Services  Technical  Committee 
(SSTC),  responsible  for  ongoing  SAML  develop¬ 
ment  at  the  Organization  for  the  Ad¬ 
vancement  of  Structured  Infor¬ 
mation  Standards  (OASIS),  is  the 
principal  group  defining  federated 
ID  standards.  The  current  SAML 
standard  is  Version  1.1,  which 
OASIS  ratified  last  September.  SAML 
1.1  incorporates  incremental  feature 
enhancements,  clarifications  and  errata 
over  SAML  1.0,  which  OASIS  ratified  in  November 
2002.  Soon  after  its  finalization  in  the  middle  of 
2002,  SAML  1.0  was  rapidly  embraced  and  imple¬ 
mented  by  Web  access  management  vendors. 

SAML  1.1,  like  its  predecessor,  defines  a  stan¬ 
dard  for  bilateral  SSO  among  two  federated 
domains:  one  that  authenticates  browser-based 
users  and  another  that  controls  access  to  the 
requested  resource.The  standard  defines  a  data 
structure  (called  assertions),  server-side  func¬ 
tional  entities  (called  authorities),  implementa¬ 
tion  profiles  and  a  request/ response  messaging 
protocol  to  support  this  core  functionality. 

Many,  but  not  all,  Web  access  management  ven¬ 
dors  have  upgraded  their  products  to  support 
See  Federated  ID,  page  SI  8 
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Emergency  phone  calls  from  your  remote  data  center?  No  problem.  With  the  Avocent  DS  Series, 
you  can  access  and  control  any  data  center  device,  right  from  your  desktop.  Whether  it’s  the 
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power  management,  and  lets  you  control  your  entire  data  center,  all  from  a  single  screen. 

Anytime.  Anywhere. 

The  Power  of  Being  There* 
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Serverlr^i"— when  it  comes  to  Layer  4—7  load  balancing,  there  is  no  summit! 
Just  a  continuous  journey.  Foundry’s  Server  Iron  switches  continue  to  be  the  trailblazer 
for  server  scalability  with  one  accomplishment  after  another.  Serverlron  switches  protect 
servers  against  denial-ot-service  attacks,  improve  server  scalability,  and  vastly  enhance  server 

reliability.  Serverlron  makes  it  easy  to  manage  all  your  networked  applications  and  improve 
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user  response  time*  while  eliminating  application  downtime.  It’s  the  industry  leader  in 
performance,  intelligence,  security,  and  price.  So  it’s  no  coincidence  that  Serverlron  is  the 
product  of  ehoice'for  the  world’s  largest  and  most  demanding  customers. Visit  us  today  at 
www.foundrynetworks.com/si.  Or  call  1 .888.TURBOLAN  (1 .888.887.2652). 
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1.888.TURBOLAN  (887-2652)  or  www.foundrynetworks.com/fi. 


FOUNDRY 

NETWORKS 


SIB 


TME 

New  Data  Center. 


SPOTLIGHT  ON  SECURITY. 


>  WWW.NWFUSI0N.C0M/SUPP/2004/NDC2  3.22.04 


Federated  ID 

continued  from  page  S14 

SAML  1.1  in  addition  to  1.0.  An  important  caveat  for 
SAML  implementers  is  a  basic  assertion-level 
incompatibility  between  SAML  1.0  and  SAML  1.1 
when  schema  validation  is  employed.  An  instance 
of  a  SAML  1.0  assertion  can’t  be  validated  against  a 
SAML  1.1  schema,  because  SAML  1.1  uses  XML 
Schema  identifiers.  The  change  was  introduced  to 
facilitate  digital  signature  processing  on  assertion 
data  elements.  However,  most  SAML-based  prod¬ 
ucts  that  support  both  versions  can  sense  which 
version  a  particular  assertion  is  using. 


OASIS  SSTCs  SAML  2.0  development  formally 
got  underway  last  September,  and  the  committee 
expects  a  first  full  draft  for  industry  review  in  the 
second  or  third  quarter  of  this  year.SSTC  has  pub¬ 
lished  its  “active  work  items,”  which  constitute  the 
likely  features  of  SAML  2.0.This  next  major  SAML 
version  will  include  improvements  based  on 
implementer  requests  and  will  tackle  some  for¬ 
merly  deferred  features  by  integrating  most  of  the 
features  of  Liberty  ID-FF  1.2.  Liberty  contributed 
ID-FF  1.2  to  SSTC  last  November.  SAML  2.0  also 
will  include  several  new  features  deferred  from 
the  development  of  SAML  1.x. 

Liberty  Alliance  hasn’t  stopped  evolving  its  fed- 
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A  logical  view  of 
SAML  -Lx 


FUNCTIONAL  ENTITIES  TYPICALLY 
FOUND  ATTHE  SOURCE  SITE  ARE: 

The  principal  —  The  functional  entity 
(often  a  browser-based  client,  but  it  could 
be  a  Web  service  or  application)  that 
requests  a  resource. 

Authentication  authority —  Responsible  for 
ensuring  a  principal  is  what  it  says  it  is.  The 
authentication  authority  passes  credentials 
input  by  the  principal  to  an  authenticating  ser¬ 
vice  (such  as  a  Lightweight  Directory  Access 
Protocol  directory  or  RADIUS  server).  It  then 
determines  if  the  authentication  was  successful, 
and,  if  so,  issues  an  authentication  assertion 
message  vouching  for  that. 

Attribute  authority  —  Responsible  for  deter¬ 
mining  what  rights  the  principal  has  regarding 
the  requested  resource.  It  processes  the  authen¬ 
tication  assertion  message,  retrieving  the  princi¬ 
pal’s  attribute  information  from  a  repository 
(such  as  a  LDAP  directory  or  database)  and 
issuing  an  assertion  message  vouching  that  the 
principal  is  entitled  to  the  attributes. 


The  Security  Assertion  Markup  Language 
(SAML)  provides  a  standardized  way  of 
passing  sign-on  and  authorization  informa¬ 
tion  —  via  messages  called  "assertions"  — 
between  two  federated  domains.  One 
domain  is  the  source  site  authenticating 
browser-based  users  and  the  other  is  the 
destination  site  controlling  access  to  the 
requested  resource. 


FUNCTIONAL  ENTITIES  TYPICALLY  FOUND 
ATTHE  DESTINATION  SITE  ARE: 

Policy  decision  point  — This  functional  entity 
processes  authentication  and  attribute  asser¬ 
tion  messages,  and  evaluates  those  assertions 
against  policies  that  are  maintained  in  a  reposi¬ 
tory.  It  issues  authorization  decision  assertion 
messages  that  validate  authentications  and 
attributes. 

Policy  enforcement  point  —  An  entity  that 
processes  authorization  decision  assertions  and 
enforces  policies.  At  times,  the  policy  enforce¬ 
ment  point  can  be  hosted  on  an  external  node. 

Resource  —  An  instance  of  information,  ser¬ 
vices  or  applications  requested  by  and  delivered 
to  principals  online,  subject  to  authentication 
and  authorization  controls.  At  times,  the 
resource  can  be  hosted  on  an  external  node. 


Conceptually,  here  Is  how  the  SAML  process  maps  out. 


LDAP  directory,  RADIUS  server,  Kerberos 
5  key  distribution  center  and  other  non-SAML 
authenticating  services. 
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erated  ID  specifications,  but  it  has  deferred  all 
future  ID-FF  development  to  OASIS  SSTC,  in  the 
context  of  SAML  2.0  and  beyond.  The  alliance 
now  focuses  on  further  development  of  its  ID- 
WSF  1.0  standard  and  Identity  Service  Interface 
Specifications  (ID-SIS),  which  it  released  last 
November. The  group  hasn’t  decided  if  it  will  sub¬ 
mit  these  as  finished  specifications  to  OASIS  or 
any  other  standards  group. 

Vendor  support  for  Liberty’s  ID-FF  1.1  specifica¬ 
tions  continues  to  grow,  and  vendors  are  begin¬ 
ning  to  outline  plans  for  supporting  1D-WSF  1.0 
and  ID-SIS  1.0.  More  than  20  vendors  have 
announced  support  or  commitments  to  imple¬ 
ment  the  Liberty  specifications  in  their  products 
over  the  coming  year.  But  several  significant  ven¬ 
dors  —  most  notably  IBM  and  Netegrity  —  have 
delayed  supporting  Liberty  until  SAML  2.0  is 
defined  and  ratified  at  OASIS. 

Where  standards  converge 

All  of  the  federated  ID  management  standards 
were  built  on  a  common  core  of  Web  services 
standards  —  notably  XML,  Simple  Object  Access 
Protocol  and  Web  Services  Description 
Language.  Above  that,  SAML  has  largely  emerged 
as  the  convergence  specification.  SAML  1.x  spec¬ 
ifications  are  the  basis  for  Liberty’s  specifications. 
In  turn,  Liberty  specifications  are  feeding  into  the 
ongoing  definition  of  SAML  2.0  at  OASIS.  There’s 
little  doubt  that  SAML  2.0  will  provide  a  fairly 
complete  identity  federation  framework  stan¬ 
dard,  and  that  it  will  be  on  a  fast  track  for  OASIS 
ratification  by  year-end. 

It’s  likely  that  WS-Federation  will  figure  into  an 
eventual  industrywide  federated  ID  framework 
standard,  although  it’s  not  clear  whether  that  will 
be  in  the  form  of  a  SAML  3.0  or  another  initiative 
at  OASIS  or  elsewhere.  By  the  time  WS-Federation- 
based  solutions  come  to  market  —  most  likely  in 
2005  —  the  number  of  production  SAML  and 
Liberty  deployments  will  be  in  the  hundreds  it 
not  thousands.  WS-Federation-based  environ¬ 
ments  will  have  to  integrate  with  a  sizable 
installed  base  committed  to  the  rival  framework. 

The  worst-case  scenario  is  that  Microsoft  and 
IBM  hold  fast  to  their  separate  specifications  and 
in  the  process  polarize  the  federated  ID  market 
for  the  near  future.  But  even  if  the  standards  wars 
persist,  adoption  of  federated  ID  will  continue  to 
grow  for  the  next  several  years,  at  least. 

“WS-Federation’s  non-convergence  with 
SAML  and  the  Liberty  Alliance  is  not 
holding  up  any  momentum  in  the 
marketplace,  in  terms  of  getting 
federated  ID  in  place,”  says  Eric 
Norlin,  senior  vice  president  for 
strategic  marketing  at  Ping 
Identity  and  a  principal  in  the 
SourcelD  open  source  ID  initia¬ 
tive.  “Convergence  is  not  a  road¬ 
block  to  implementation,  from 
what  we  can  see." 

Kobielus  is  a  senior  analyst  with  Burton 
Group,  an  IT  advisory  services  that  provides  in- 
depth  technology  analysis  for  network  planners.  He 
can  be  reached  at  (703)  924-6224  or  jkobielus@bur- 
tongroup.com.  The  author  wishes  to  acknowledge 
Burton  Group  colleagues  Dan  Blum  and  Gerry  Gebel 
for  their  assistance  with  this  story. 
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Six  vendor  execs  tell  us 
why  autonomic  computing 
is  one  of  the  new  data 
center’s  most  powerful 
technologies. 
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Wr  hether  you  believe  all  you  are  hear¬ 
ing  these  days  about  autonomic  com¬ 
puting  —  or  remain  skeptical  —  you 
have  to  admit,  the  message  is  appealing.  The  major 
infrastructure  players,  Hf?  IBM  and  Sun,  paint  a  picture 
of  a  new  data  center  which  is  self-managing,  self-heal¬ 
ing  and  self-provisioning.  Such  autonomic  computing 
capabilities  will  contribute  to  a  broader  utility  infra¬ 
structure  that  can  react  on  the  fly  to  changes  in 
demand,  providing  a  constant  level  of  service,  much 
like  a  public  utility. This,  in  turn,  will  allow  IT  executives 
to  focus  on  strategic  business  issues  rather  than  man¬ 
ual  maintenance  tasks. 

Network  World  asked  key  strategists  at  these  compa¬ 
nies,  and  at  Microsoft,  storage  management  vendor 
Veritas  Software  and  server  virtualization  specialist 
VMware  (now  an  EMC  business  unit),  to  share  their 
ideas  about  autonomic  computing. 

Why  do  we  need  autonomic  computing? 

Greg  Papadopoulos,  CTO,  Sun:  In  a  word,  ‘complexity  Complexity 
has  accumulated  to  a  point  where  we  no  longer  have  an  economy  of 
scale  in  IT.  What’s  called  for  is  real  automation  of  service  levels  in  the  data 
center,  not  some  organic-sounding  marketing  buzzword.  We’re  talking 
about  designing  in  the  capability  for  resource  virtualization,  application 
provisioning,  service-level  provisioning  —  tools  to  help  make  the  most  of 
existing  IT  resources.  I’m  a  little  skeptical  of  the  idea  that  computers  can 
act  like  people  and  heal  themselves. True  automation  of  the  data  center 
is  not  a  soft,  abstract  principle;  it  requires  a  very  strict,  deep,  engineering 
discipline.  We  have  to  do  the  hard  work  of  making  things  simple. 

Nora  Denzel,  senior  vice  president  and  general  manager  of  HP’s 
Software  Global  Business  Unit  and  Adaptive  Enterprise  Program: 
There  was  always  a  need,  but  the  need  couldn’t  be  fulfilled  earlier.  Up 
until  the  past  few  years,  there  weren’t  industry  standards.There  wasn’t  the 
bandwidth  capacity  to  link  disparate  computers  across  long  distances. 
Some  of  the  technology  we  needed,  such  as  virtualization,  the  ability  to 

See  Autonomic,  page  S22 


Lucent  VPN  Firewall  Brick®  provides  the  broadest  defense 


with  no  need  to 


reconfigure  your  network, 


,  \t>f 


For  more  information  and  to  download  our  White  Paper, 
“Overcoming  Common  Firewall  Limitations,”  visit 
www.lucent.com/better-firewall. 


Lucent  VPN  Firewall  Brick® 
Models  20,  80  &  1100  shown 


Lucent  Technologies 

Bell  Labs  Innovations 


.THE 


New  Data  Center_s^TTiGHimsECTMiY. 

>  WWW.NWFUSI0N.C0M/SUPP/200a/NDC2  3.22.04 


iD 

tm 


Autonomic 

continued  from  page  S20 

break  up  programs  into  small  pieces,  hadn’t 
been  invented  yet.  What  we’re  seeing  is  a  new 
cycle  of  computing  that  is  finally  possible. 

Irving  Wladawsky-Berger,  vice  president 
of  technology  and  strategy,  IBM:  We  need  to 
find  innovative  ways  to  manage  the  increasing 
complexity  of  business  and  IT.  Because  tech¬ 
nologies  have  been  more  readily  available  to  us, 
most  environments  are  now  made  up  of  hetero¬ 
geneous  components.  More  than  40%  of  all  IT 
expenditures  are  invested  in  just  getting  these 
technologies  to  work  together.  At  the  end  of  the 
day,  we  need  autonomic  computing  to  make  IT 
more  self-managing  —  that  is,  self-configuring, 
self-optimizing,  self-healing  and  self-protecting. 
People  then  will  be  shielded  from  IT’s  complexi¬ 
ty,  the  infrastructure  will  work  around  the  clock 
and  be  as  near-impervious  to  attacks  and  threats 
as  possible,  and  the  business  can  make  the  most 
efficient  use  of  increasingly  scarce  support  skills. 

Gary  Bloom,  CEO,  Veritas:  Many  IT  execu¬ 
tives  these  days  are  caught  between  two  conflict¬ 
ing  imperatives.  At  one  end  are  the  users.  They 
want  more  applications  to  automate  their  busi¬ 
ness,  more  data  to  make  better  decisions,  and  they 
want  it  all  yesterday,  if  not  sooner.  At  the  other  end 
are  the  CEO  and  CFO. They  want  the  CIO  to  spend 
less  on  data  centers,  less  on  hardware  and  less  on 
people.  Of  course,  it  all  must  be  done  with  the 
existing  technology  —  a  complex  and  heteroge¬ 
neous  environment  of  Web  servers,  application 
servers,  databases  and  hardware.  At  both  ends  of 
this  CIO  squeeze  there  is  one  common  demand: 
perfection.  What  everyone  is  asking  is  that  the  IT 
environment  be  as  dependable  and  predictable 
as  water,  gas,  electricity  or  any  other  utility 

Diane  Greene,  president  and  CEO, 
VMware:  Autonomic  computing  can  be  defined 
as  a  number  of  things,  [but]  the  goal  is  to  simplify 
management  and  improve  the  reliability  of  com¬ 
puter  systems.  The  perfect  autonomic  computing 
system  doesn’t  need  anyone  to  manage  and 
maintain  it  once  it’s  been  installed.  If  an  applica¬ 
tion  starts  to  perform  badly,  it  can  automatically 
get  increased  resources.  If  software  or  hardware 
fails.it  is  transparent  to  end  users.no  service  inter¬ 
ruption. The  benefits  are  straightforward  —  lower 
costs  and  higher  service  levels. 

How  will  autonomic  computing  affect  the  work 
of  skilled  IT  personnel? 

Denzel:  The  best  part  is  that  the  technology  is 
going  to  be  used  to  automate  many  of  the  manual 
things  skilled  IT  personnel  have  to  do  today,  such 
as  roll  out  patches,  provision  new  users,  set  up 
servers.  Skilled  IT  professionals  can  look  forward 
to  understanding  the  needs  of  the  business  more, 
understanding  business  processes  and  redefining 
business  processes  rather  than  working  on  main¬ 
tenance.  They’ll  get  a  much  more  satisfying  job. 

Papadopoulos:  With  the  increase  in  complex¬ 
ity  of  the  network  computing  environment,  we’ve 
seen  IT  managers  devoting  as  much  as  60%  or 
70%  of  their  budgets  to  maintaining  the  status  quo 
—  keeping  the  network  up  and  running,  deploy¬ 
ing  patches,  service  packs,  and  trying  to  docu¬ 
ment  and  maintain  dozens  of  software  versions, 
platforms  and  operating  systems  across  highly 
complex  environments.  Autonomic  computing 
automates  repetitive  tasks  and  monitors  service 
levels  and  availability,  freeing  IT  staff  to  focus  on 


more  strategic  projects.  This  will  call  for  many  of 
the  same  skill  sets,  but  will  require  a  deeper 
understanding  of  the  power  of  information,  and 
the  need  to  manage  that  information  by  develop¬ 
ing  and  deploying  applications  and  services  that 
provide  competitive  advantage  to  the  business. 

When  will  autonomic  systems  be  available,  and 
what's  being  done  now? 

Wladawsky-Berger:  Autonomic  function  is 
being  incorporated  into  systems  today  But  inte¬ 
grating  it  deep  into  a  business  is  an  evolutionary 
process.  One  doesn’t  build  an  automated  infra¬ 
structure  overnight.  We  treat  autonomic  comput¬ 
ing  as  a  process  that  will  let  businesses  intro¬ 
duce  more  advanced  autonomic  technologies 
into  their  infrastructure  in  a  systematic,  logical, 
business-like  way.  This  way,  customers  get  the 
benefits  of  autonomic  computing  as  they  natu¬ 
rally  upgrade  at  their  own  pace. 

Analysts  say  moving  to  an  autonomic  or  utility 
environment  is  likely  a  seven-  to  10-year 
effort.  What  can  users  do  to  get  started? 

Denzel:  It  all  begins  with  an  assessment.  With 
autonomic  computing  or  an  adaptive  enterprise, 
you  don’t  buy  one,  you  build  it.  Each  customer 
will  build  it  in  different  ways, depending  on  where 
they  are  today  and  where  they  want  to  end  up. 

Bloom:  To  get  started,  the  first  thing  customers 
need  to  do  is  make  sure  that  all  their  hardware 
and  software  can  work  together.  Additionally, cus¬ 
tomers  need  to  get  a  handle  on  how  the  IT 
resources  are  being  used  and  who  is  using  them. 
The  majority  of  customers  that  we  talk  to  have 
heterogeneous  systems  that  are  underutilized 
and  labor  intensive  to  manage.  Customers 
should  consider  and  implement  the  software 
building  blocks  that  begin  to  enable  the  key  ben¬ 
efits  of  utility  computing  —  availability,  perfor¬ 
mance  and  automation  in  a  shared  infrastruc¬ 
ture  of  heterogeneous  resources. 

Papadopoulos:  One  of  the  first  things  to  think 
about,  particularly  in  large,  multi-national  com¬ 
panies,  those  that  have  grown  by  acquisition  or 
those  comprising  numerous  operating  units,  is 
server  consolidation. The  payoff  can  be  fairly  im¬ 
pressive,  and  in  addition  to  reducing  the  cost 
and  complexity  of  managing  the  data  center, 
there  are  other  quantifiable  returns.  British  Tele¬ 
com  was  able  to  consolidate  100  servers  to  six, 
reduced  failover  from  one  hour  to  just  5  minutes 
and  has  achieved  99.97%  availability 

Eric  Rudder,  senior  vice  president  of 
servers  and  tools,  Microsoft:  Moving  to  a  self¬ 
managing,  self-healing  environment  is  an  enor¬ 
mous  software  effort  and  will  take  years  to  fully 
realize.  But  you  can  start  today  by  embracing  a 
service-oriented  architecture  using  Web  services. 
Get  your  data  into  XML  and  start  to  expose  your 
new  and  existing  systems  as  Web  services  so  you 
can  reuse  them  as  your  systems  evolve.  Make  sure 
your  applications  are  instrumented  appropriately 
by  supporting  Microsoft’s  Windows  Management 
Instrumentation  API.  From  a  hardware  standpoint, 
start  planning  your  migration  to  x86  servers. 

How  will  the  industry  get  users  to  invest  in 
autonomic  computing  in  this  economy? 

Denzel:  Clearly,  they  will  only  take  a  little  at  a 
time.  There  won’t  be  a  big  bang.  It  will  be  more 
evolutionary,  very  slow  and  methodical.  You’ll 
see  30-,60-,90-day  programs  and  ‘how  did  it  go?’ 

See  Autonomic,  page  S24 
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assessments.  Although  IT  spending  around  the 
globe  will  pick  up  this  year,  everything  compa¬ 
nies  do  has  to  be  tied  into  a  specific  business 
benefit  that  is  demonstrable,  measurable  and  has 
a  significant  return  on  IT  investment.  Dollars  are 
available,  but  users  will  consider  a  lot  of  options 
and  vendors  will  compete  for  every  one. 

Greene:  When  you  start  to  see  the  return  on 
investment  associated  with  autonomic  comput¬ 
ing,  there  will  be  a  strong  push  toward  adoption. 
The  return  on  investment  from  adopting  virtual 
infrastructure  alone  has  pushed  widespread 
adoption  of  server  and  storage  virtualization 
already,  without  even  the  full  benefits  of  auto¬ 
nomic  computing.  Making  the  process  of  adop¬ 
tion  incremental  and  fully  compatible  with  exist¬ 
ing  systems  is  another  facilitator. 

Papadopoulos:  Data  center  automation  is 
about  reducing  operating  costs.  With  technology 
like  service-level  provisioning,  one  systems  ad¬ 
ministrator  can  manage  10  or  20  times  the  num¬ 
ber  of  servers  that  could  be  managed  in  a  tradi¬ 
tional  environment.  That  kind  of  efficiency  goes 
straight  to  the  bottom  line. 

What  are  the  biggest  technical  hurdles  to  auto¬ 
nomic  computing? 

Bloom:  The  biggest  challenge  for  many  aspir¬ 
ing  IT  utilities  is  how  to  build  in  the  necessary 
flexibility  to  accommodate  multiple  platforms 
and  a  variety  of  hardware  devices  from  different 
vendors.  Open,  heterogeneous  software  can  pro¬ 
vide  centralized  visibility  into  these  disparate  re¬ 
sources,  helping  the  IT  utility  bring  the  pieces  to¬ 
gether  into  a  single  holistic  view. 

Wladawsky-Berger:  Generally  speaking,  auto¬ 
nomic  computing  requires  extremely  sophisti¬ 
cated  software,  and  that  software  must  be  based 
on  open  standards. That’s  the  only  way  elements 
of  a  vast,  distributed  network  of  heterogeneous 
systems  can  communicate.  Communication  is 
the  key  to  self-management.  Developing  those 
open  standards  and  making  them  pervasive  are 
challenges,  but  the  industry  is  up  to  it. 

Denzel:  Technology-wise,  commercialization 
of  the  grid  needs  to  happen. Were  three  to  five 
years  away  from  that  because  we  need  pack¬ 
aged  software  that  can  understand  the  grid,  and 
we  need  the  interfaces  proposed  by  the  stan¬ 
dards  bodies  to  mature  a  bit.  We’ll  also  need  to 
see  more  maturation  of  Web  services.TodayWeb 
services  are  predominantly  deployed  inside  the 
firewall.  The  ultimate  is  Web  services  deployed 
across  the  unsecure  Internet,  where  they  come 
together  and  form  a  function.  We’re  many  years 
away  from  that. 

Greene:  There’s  the  problem  of  how  to  recog¬ 
nize  when  your  system  is  behaving  in  a  way  that 
you  want  to  correct.  Particularly  in  distributed  sys¬ 
tems,  such  as  Web-services-based  applications, 
systems  behavior  isn’t  just  black  and  white,  good 
and  bad. There’s  a  whole  gray  area  in  the  middle 
that  the  industry  is  going  to  have  to  develop 
pretty  sophisticated  diagnostic  software  in  order 
to  automate. 

Papadopoulos:  There  are  two  things  going  on 
here,  and  they  both  need  to  happen  at  the  same 
time.  First,  you’ve  got  a  wildly  heterogeneous  envi- 
ronment.The  idea  is  to  take  costs  out  opportunis¬ 
tically,  by  creating  a  layer  of  abstraction  to  suffi¬ 
ciently  contain  these  legacy  systems.That’s  kind  of 


the  ‘old  school’  aspect  of  data  center  automation. 
With  the  need  to  develop  and  deploy  applications 
efficiently  across  all  kinds  of  environments  and 
devices,  like  smart  cards  and  mobile  phones,  and 
the  need  to  scale  at  Internet  kinds  of  rates,  there’s 
a  new  architecture  that  includes  Web  servers,  app 
servers, database  servers, messaging.The  challenge 
is  to  design  a  data  center  automation  strategy  that 
maintains  the  heterogeneous  legacy  environment 
alongside  the  new  architecture,  allowing  the  two 
to  exchange  information  and  processes,  and  to 
intermingle  freely  and  securely 

What  excites  you  most  about  the  future  of 
autonomic  computing? 

Wladawsky-Berger:  What  1  find  exciting  is  the 
challenge  of  putting  autonomic  computing  to 
work  for  the  benefit  of  our  customers  certainly 
but  also  the  challenge  of  working  with  the  indus¬ 
try  to  develop  the  standards  that  will  make  auto¬ 
nomic  networks  a  reality  It’s  really  more  than  a 
commercial  challenge.  The  IT  infrastructure  is  a 
strategic  necessity  for  our  nation  and  for  society 
in  general,  and  when  something  is  that  critical,  it 
better  be  as  easy  to  use  and  as  resilient  as  you  can 
make  it. 

Papadopoulos:  The  network  of  1990  connect¬ 
ed  millions  of  workstations  and  computers.  In 
the  past  10  years  we  saw  that  number  approach 
billions,  with  the  addition  of  things  [such  as] 
PDAs,  mobile  phones  and  network  gaming.  We ’re 
about  to  experience  the  next  wave,  which  is  real¬ 
ly  about  trillions  of  things  connected  to  the  net¬ 
work,  like  [radio  frequency  identification]  tags 
and  sensors  in  the  workplace  and  at  home  and 
in  our  cars.  All  of  this  is  going  to  put  our  IT  infra¬ 
structure  to  its  most  punishing  test  yet. The  infra¬ 
structure  is  going  to  have  to  scale  like  crazy,  and 
it’s  going  to  have  to  do  so  painlessly  and  simply 

Greene:  Autonomic  computing  is  about  bring¬ 
ing  useful  innovation  to  the  market  in  a  way  that 
eliminates  significant  drudgery  from  people’s 
lives  as  well  as  reduces  costs  and  increases  the 
quality  of  service  offerings.  Autonomic  computing 
will  allow  businesses  to  manage  their  business 
with  fewer  computing  infrastructure  concerns.  I 
also  believe  that  it  is  just  another  example  of  the 
progress  that  technology  can  afford  —  progress  in 
the  sense  that  people’s  focus  can  move  up  a  level 
and  costs  go  down. 

Bloom:  Utility  computing  represents  the  mat¬ 
uration  of  information  technology  [which]  is 
gracefully  transforming  into  a  service  model 
that  is  more  centralized,  better  managed  and 
most  importantly,  precisely  aligned  with  busi¬ 
ness  objectives.  This  transformation  to  utility 
computing  is  enabled  by  open,  heterogeneous 
software.  It  is  exciting  to  be  at  the  forefront  of 
driving  and  enabling  this  evolution  in  IT  history. 

Rudder:  For  decades  our  ability  to  innovate 
in  software  has  been  gated  by  innovation  else¬ 
where.  We  waited  much  longer  than  we  would 
have  liked  for  hardware  performance  to  make 
graphical  user  interfaces  a  reality  More  recently, 
we’ve  been  dependent  on  networking  innova¬ 
tions,  including  the  Internet. Today,  it  is  incredi¬ 
bly  exciting  to  live  in  a  world  where  software 
innovation  is  not  limited  by  these  other  devel¬ 
opments,  but  rather  only  our  own  imaginations 
and  ability  to  translate  ideas  into  software.  In 
the  next  couple  years,  we’re  going  to  see 
tremendous  software  innovation  that  harnesses 
the  abundance  of  computing  hardware  and 
networking.  ■ 


I  ^Customers  should  consider  and 


implement  the  software  building 
blocks  that  begin  to  enable  the  key 
benefits  of  utility  computing-  avail¬ 
ability,  performance  and  automa- 
tion  in  a 
shared  in¬ 
frastructure 
of  heteroge¬ 
neous  re¬ 
sources.  9  9 


Gary  Bloom 

CEO,  Veritas 


I  fcMoving  to  a  self-managing,  self- 
healing  environment  is  an  enor¬ 
mous  software  effort  and  will  take 
years  to  fully  realize.  But  you  can 
start  today  by  embracing  a  service- 

oriented  ar¬ 
chitecture 
using  Web 
services.  9  9 


Eric  Rudder 

SeniorVP  of  servers 
and  tools,  Microsoft 


1 1  Autonomic  computing  is  about 
bringing  useful  innovation  to  the 
market  in  a  way  that  eliminates 
significant  drudgery  from  people’s 
lives  as  well  as  reduces  costs  and 
increases 
the  quality 
of  service 
offerings.99 

Diane  Greene 

CEO,  VMware 


NetScreen 


Complete  network 


NetScreen,  the  company  protecting  many  of  the  world’s  largest 

enterprises,  now  has  security  built  to  fit  medium  enterprises 


Our  complete,  single  vendor  solutions  provide  network 


security  that’s  easily  managed.  Reduces  costs.  And  most 
importantly,  gives  your  network  the  iron-clad 
protection  it  needs  from  today’s  frequent  and 


complex  attacks.  Our  unequaled  solutions 


for  large  financial,  government  and 
manufacturing  networks  have  made 


us  the  world’s  fastest  growing  major 


network  security  company  over  the  last  two  years 
Now  there’s  no  better  fit  for  your  business. 


Visit  www.netscreen.com/company/ad/iron-clad 


or  call  800-638-8296  to  learn  more 
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From  application  services  to  management  hardware,  semi¬ 
conductor  reseller  Smith  &  Associates  strengthens  its 
just-in-time  business  with  new  data  center  technologies. 


BY  BETH  SCHULTZ 

ver  the  last  two  decades, 
i  Smith  &  Associates  in 
Houston  has  built  a 
global  resale  business  out  of  being  at 
the  ready  with  semiconductor  com¬ 
ponents  when  any  one  of  its  varied 
customers  —  from  automakers  to 
medical  equipment  manufacturers 
—  comes  calling.The  calls  always  are 
urgent  —  an  expected  shipment  of 
critical  components  hasn’t  arrived 
on  schedule,  the  buffer  inventory  is 
nearly  depleted,  and  the  vendor  says 
the  delivery  delay  might  be  weeks 
long.  If  the  manufacturer  doesn’t  get 
more  components  shortly,  a  critical 
production  line  will  screech  to  a  halt. 


Smith’s  IT  team  has  enabled  account  representa¬ 
tives  to  deal  with  the  “I  need  it  yesterday”  demands 
of  a  global  clientele  through  new-data-center-style 
application  and  infrastructure  choices.  In  the 
process,  it  has  built  an  application  infrastructure 
that  will  support  the  company’s  growth  through¬ 
out  this  decade  and  beyond.  Smith  is  among  the 
first  companies  to  take  a  hardware-based  ap¬ 
proach  to  managing  its  application  infrastructure 
—  shunning  traditional  management  software  as 
too  complex  and  too  costly  to  maintain. 

Smith’s  exploration  of  new  data  center  con¬ 
cepts  started  with  SalesChain  X,  the  application 
used  during  those  demanding  customer  negoti¬ 
ations.  Smith’s  IT  team  had  three  goals  for  the  7- 
year-old  application:  improve  its  performance, 
increase  its  scalability  and  integrate  it  with  the 
company’s  ERP  application. 

The  team  decided  a  complete  re-architecture 


of  SalesChain  X,  a  Java  application,  was  in  order, 
including  migration  of  SalesChain  X  onto  a  newer 
standards-based, Web-centric  platform.  Building  a 
componentized,  services-oriented  application 
architecture  would  be  critical  for  ensuring  the 
flexibility  and  scalability  needed  to  keep  up  with 
Smith’s  expansion. The  company  recently  opened 
its  ninth  office,  adding  Shanghai  to  a  list  of  cities 
that  includes  Amsterdam;  Barcelona,  Spain; 
Guadalajara,  Mexico;  and  Seoul,  Korea,  says  Sean 
Trinh.vice  president  of  IT  at  Smith. 

Setting  the  new  data  center  foundation  at  the 
application  layer,  Smith  reworked  SalesChain  X 
using  Sun’s  Java  2  Platform  Enterprise  Edition  run¬ 
ning  on  BEA  Systems’  WebLogic  platform.  Appli¬ 
cation  components  are  written  using  Enterprise 
JavaBeans  (EJB)  technology  Java  Message  Serv¬ 
ice  technology  provides  the  messaging  infrastruc¬ 
ture  between  SalesChain  X  and  specialized  ERP 


applications,  provided  by  Glovia  International,  a 
Fujitsu  subsidiary  for  engineer-to-order  and  high- 
volume  manufacturers.’Tight  integration  with  the 
ERP  system  gives  us  the  ability  to  create  sales 
orders  without  ever  leaving  the  SalesChain  appli¬ 
cation,  making  performance  much  improved. 
And  the  messaging  infrastructure  provides  us 
with  alert-type  features  so  we  can  push  data  to 
traders  rather  than  having  them  constantly 
requesting  it,”Trinh  says. 

With  that  foundation, Smith’s  IT  team  has  begun 
planning  its  Web  services  architecture, Trinh  says. 
Turning  the  EJB  components  into  Web  services 
will  be  easy  with  BEAs  tools,  he  says.  “The  more 
difficult  part  is  mapping  out  all  the  services  that 
will  be  exposed,  identifying  the  service  con¬ 
sumers  and  hashing  out  the  life-cycle  policy  for 
the  services,”  he  says. 

See  Smith,  page  S30 
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Read  the  IT  chart.  You’ve  got  serious  problems. 

Porn  may  be  the  most  visible,  but  it’s  only  one  of  your  worries.  See  more  clearly  with  Websense  Enterprise* 
the  most  comprehensive  solution  for  protecting  your  network  from  threats  that  appear  as  employee  computing  and 
the  Internet  converge.  You  don’t  have  to  rely  on  20/20  hindsight. 

For  a  free  white  paper  on  Emerging  Threats  in  Employee  Computing 

or  to  assess  your  risks  visit  www.websense.com/checkup.  ^  IE  KE  _  J  tE. 
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.deploying  multiple  security 
layers  and  zones  from  a  single 
dynamic  system. 


...reacting  quickly  to 
changing  security  threats 

— as  they  happen. 


.a  security  infrastructure 
that  continually  adapts 
to  suit  your  needs. 


It’s  not  your  imagination.  It’s  Inkra. 

You  need  dynamic  layered  security  throughout  your  network  to  protect  it 
from  virus,  worm,  and  denial  of  service  attacks.  Inkra's  Virtual  Service 
Switch  is  the  only  security  solution  that  allows  you  to  cost-effectively 
layer  security  deeply  in  your  network,  and  adapt  the  system  to  meet  new 
requirements  in  real  time,  right  from  your  desktop. 


Visit  us  online  at  www.inkra.com/nwwl 

to  learn  more  today. 


CA  94538  I  510-623-4200  I  www.inkra.com 
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DO  YOU  FEEL  SECURE? 

When  it  comes  to  technology,  many  companies 
are  answering,  “No.”  As  information  and  facility 
security  become  the  focus  of  corporations  world¬ 
wide,  the  need  to  safeguard  technology  grows 
increasingly  acute.  The  result:  an  explosion  in  the 
security  market,  driven  by  such  legislation  as 
The  Homeland  Security  Act,  which  has  fueled  a 
$10  billion  market  in  security  technology  and 
services. 

"[Minuteman  UPS]  has  the  best  products  to 
sell-1  want  to  stick  with  what  I  find  is  the  top 
of  the  line. " 

-  Ronald  Kent 
Owner  of  Kent  CCTV  Co.,  Valrico  FL 

And  as  security  grows  more  vital,  so  too  does 
the  need  for  an  uninterruptible  power  supply 
(UPS)  to  provide  power  protection  during  power 
failures.  For  example,  Para  Systems,  Inc.  makers 
of  Minuteman  UPS  solutions,  has  found  that 


security  issues  have  fueled  a  growing  demand  for 
their  products.  “Customers  now  recognize  the 
need  for  continuous  power  beyond  telephone  and 
computer  networks.  Now  they  must  back  up  cam¬ 
eras,  DVRs,  alarm  systems  and  access  control 
devices,”  says  Rick  Hunteman,  vice  president  of 
sales  and  marketing  at  the  Carrollton,  Texas- 
based  company.  “These  new  applications  allowed 
us  to  forge  strategic  relationships  with  key  dis¬ 
tributors  providing  total  security  solutions.” 

For  example,  distributors  such  as  Graybar, 
Anixter,  ADI,  Sprint  Products  Group  and  Kent 
CCTV  have  chosen  Minuteman  as  a  primary 
provider  of  UPS  solutions.  “I  used  to  sell  other 
UPS,  but  not  any  more,”  says  Ronald  Kent,  owner 
of  Kent  CCTV  Co.  in  Valrico,  Fla.  “They  have  the 
best  products  to  sell — I  want  to  stick  with  what  I 
find  is  the  top  of  the  line.” 

That  top-flight  product  translates  into  satisfied 
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customers,  as  Stephen  Podley,  the  Superintendent 
of  Telecommunications  at  the  Miami  Dade 

"It's  been  doing  exactly  what  we  need  it  to. " 

-  Stephen  Podley 
Superintendent  of  Telecommunications 
Miami  Dade  Aviation  Department 

Aviation  Department  can  attest.  Podley  uses 
Minuteman  UPS  for  power  conditioning  and  back¬ 
up  services  for  the  network  that  services  common 
use  terminal  equipment.  “This  is  what  we  call  an 
airport  critical  system,”  he  says,  “and  it’s 
absolutely  necessary  for  this  to  stay  up  in  opera¬ 
tion.  We’ve  been  pleased  with  the  product.  It’s 
been  doing  exactly  what  we  need  it  to.” 


Sponsored  by 


FOR  MORE  INFORMATION  VISIT  WWW.MINUTEMANUPS.COM/NWW 


Secure  networks  in  the  fast  lane. 


OPEN.  AUTOMATED.  ACTIVE.  Solsoft  makes  it 
easy  to  put  enterprise  network  security  policies 
into  action.  Whether  you're  running  Cisco  PIX, 
IOS  and  VPN  3000.  Or  a  multi-vendor  environ¬ 
ment  with  Cisco,  NetScreen,  Check  Point,  Nortel, 
Symantec  and  Linux. The  Solsoft  Policy  Server  is 
an  open  system  offering  centralized  manage¬ 


ment  of  leading  firewalls,  routers,  switches  and 
VPNs.  And  the  solution  offers  advanced  workflow 
features,  so  network  and  security  teams  can  col¬ 
laborate  more  effectively.  Best  of  all,  the  entire 
process  is  automated  for  easy  creation,  deploy¬ 
ment,  storage  and  audit  of  consistent  security 
policies  across  large  and  complex  networks. 


Download  a  free  white  paper  now  to  see  why 
smart  companies  from  all  industries  trust  Solsoft. 

WWW.SOLSOFT.COM/NWW 

& SOLSOFT 

How  secure  networks  are  managed 


C  2004  Solsoft,  Inc  All  rights  reserved.  All  trademarks  are  the  property  of  their  respective  owners. 
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Smith 

Continued  from  page  S26 

New  management  A  must-have 

With  its  next-generation  applications 
infrastructure  in  the  works, Smith  needed  a 
better  way  to  manage  that  environment 
too,Trinh  says. “With  the  complexity  of  our 


applications,  software  management  tools 
[from  BMC  Software,  IBM  Tivoli  and  Pere¬ 
grine  Systems]  weren’t  providing  the  solu¬ 
tion  we  expected.  We  decided  to  try  some¬ 
thing  on  the  hardware  side,”  he  says. 

A  demonstration  of  the  Vieo  1000  appli¬ 
ance  from  start-up  Vieo  sold  Trinh  on  the 
idea  of  management  hardware.  Unlike  the 


disparate  management  software,  the  Vieo 
1000  provides  an  integrated  view  —  and 
control  —  of  all  the  critical  devices  the 
application  infrastructure  uses.  Trinh  now 
could  ensure  100%  availability  of  the  appli¬ 
cation  infrastructure. 

For  now.  Smith  has  seven  mission-critical 
servers  always  attached  to  the  Vieo  1000,  all 
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SIMPLY 

MORE  SECURE 

FIREPASS” 

SECURE  REMOTE  ACCESS 


Accessing  your  corporate  network  from  a  remote  location 
can  threaten  corporate  security.  Protect  your  corporate 
assets  with  F5's  secure  SSL  VPN  appliance:  FirePass®. 

As  the  most  comprehensive,  reliable,  and  secure  remote 
access  solution,  FirePass  provides  bulletproof  security  with 
features  including: 

ADVANCED  AUTHENTICATION  -  FirePass  includes 
support  for  RADIUS,  LDAP,  HTTP,  two-factor  and 
Windows  Domain  Server  authentication.  Eliminate 
the  task  of  defining  each  authenticated  user  with 
automatic  user  enrollment  features. 

SMART  APPLICATION  LAYER  SECURITY  -  FirePass 
monitors  access  to  intranet  servers  to  detect  and 
thwart  application  layer  attacks,  such  as  cross-site 
scripting  attacks. 

GRANULAR  ACCESS  MANAGEMENT -With 
FirePass,  you'll  ensure  appropriate  access  to  sensitive 
network  resources.  Grant  access  based  on  individuals, 
groups  of  users  and  even  device  types  for  maximum, 
flexible  security. 

ADAPTIVE  CLIENT  SECURITY  -  FirePass  adapts 
security  policies  to  ensure  client  integrity.  For  example, 
FirePass  will  delete  temp/cache  files  on  public  kiosks 
and  check  for  active  virus  scan  and  personal  firewall 
programs  on  corporate  laptops. 

Now  employees,  customers  and  partners  can  securely 
access  authorized  applications  from  any  web-enabled 
device  at  any  location. 

FirePass.  Remote  access  is  now  simply  more  secure. 

Learn  more  with  a  FREE  guide  to  secure  remote  access 
and  an  online  demo.  Visit  www.f5.com/secure-nw  or 
call  1-877-547-0298  today. 


via  10/100M  bit/sec  Ethernet  connections 
—  the  three  WebLogic  servers  used  for 
SalesChain  X,  two  HP  servers  running  the 
ERP  applications  and  two  Sendmail 
servers.  Once  the  devices  were  attached, 
the  management  appliance  auto-discov¬ 
ered,  instrumented  and  blueprinted  the 
infrastructure,  delivering  an  end-to-end 
view  of  the  application  environment. 

The  IT  team  also  has  been  testing  the  ap¬ 
pliance’s  usefulness  for  servers  that  house 
some  of  its  less-critical  applications,  and  for 
switches  and  routers,  Trinh  says.  “We  are 
hoping  to  learn  how  to  do  more  with  less 
and  how  to  achieve  better  performance 
and  availability  with  our  existing  hardware,” 
he  says. 

Although  the  Vieo  1000  will  automate 
tasks  such  as  server  provisioning  and  prob¬ 
lem  resolution,  Smith  does  not  yet  let  the 
appliance  run  solo.“Smith  has  taken  this  all 
the  way  up  to  having  the  box  evaluate 
everything  and  make  suggestions,  but  it 
stops  there.  The  network  people  then  step 
in  to  implement  the  suggested  changes  or 
do  their  own,”  says  Ken  Neusaenger,  former 
director  of  technology  at  Smith.  He  is  now 
CEO  for  ZettaWorks,  an  integrator  he 
launched.  ZettaWorks  is  working  with 
Smith  on  these  projects. 

More  automation  to  come 

Smith  likely  will  turn  to  self-healing  even¬ 
tually  Trinh  says,  but  for  now  the  IT  team  has 
discovered  that  having  humans  keep  tabs 
on  management  information  helps  Smith 
plan  its  next  moves. 

For  example,  the  IT  team  uses  data  from 
the  Vieo  to  tweak  the  application  infra¬ 
structure,  says  Eddie  Garcia,  a  ZettaWorks 
senior  architect.  “Vieo  provides  charts  for 
historical  data,  which  we  really  didn’t  have 
before.  Now  we  can  see  how  fast  growth  is 
in  requests,  connection  pools  and  socket 
connections  to  servers,”  he  says.  “That 
allows  us  to  be  able  to  know  progressively 
what  our  peak  times  are  and  monitor  to  see 
how  we’re  utilizing  the  system  resources. 
We  get  a  better  overall  picture  of  how  to 
provision  resources  for  WebLogic.” 

The  Vieo  management  information  has 
made  Trinh  and  his  team  realize  that  server 
virtualization  —  another  critical  new  data 
center  technology  —  would  work  for  its 
infrastructure  in  some  instances.  “We’re 
moving  away  from  our  approach  of  running 
one  application  on  one  server  Trinh  says. 

With  the  Vieo  1000,  Smith  has  turned  the 
dreaded  management  chore  into  a  model 
of  new  data  center  resourcefulness  and 
flexibility  Trinh  even  attributes  Vieo’s  deploy¬ 
ment  for  letting  the  company  cut  IT  staff  yet 
maintain  support  for  a  growing  worldwide 
network.  “Vieo  makes  information  more 
readily  available  to  us  so  we  can  better 
manage  the  health  of  our  systems. The  cost 
of  maintenance  is  greatly  reduced,”  he  says. 

Those  are  the  real  benefits  of  a  manage¬ 
ment  appliance,  Neusaenger  says.  “What 
would  you  rather  spend  your  day  doing? 
Fixing  broken  things  and  chasing  perfor¬ 
mance-related  issues,  or  leaving  those 
tasks  to  an  appliance  so  you  can  be  for¬ 
ward-thinking  on  ways  to  improve  the 
business?"® 


Our  customers  are  thrilled. 
Our  competitors  are  worried! 


Breakthrough  Performance, 
Massive  Scalability 


Access  Management.  Application  Security.  Application  Acceleration. 
Learn  more  about  Enterprise  /  Service  Provider  Class  SSL  VPN  and 
Application  Acceleration  solutions  from  Array  Networks. 

Goto:  www.arraynetworks.net/nw 
Or  call:  1-866-MY-ARRAY  today 


ArrayNetworks' 

The  Application  Networking  Company 


www.arraynetworks.net 


VOICE  SOLUTIONS  DATA  SOLUTIONS  INTERNET  SOLUTIONS  MANAGED  S  0  L  U  T  I  0  N  S 


Qwest  iQ  Networking  is  a  suite  ot  WAN  services  with  domestic  and  international  availability  depending  on  services  selected.  Recurring  fees  vary  depending  off  services  Ordered. 
Additional  equipment  may  be  required.  Qwest  and  Qwest  iQ  Networking  are  trademarks  of  Qwest  Communications  international  Inc.  ©  2004  Qwest.  All  rights  reserved 
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VoiceXML 

■  BY  JAMES  LARSON 

There  are  many  interactive  voice  re¬ 
sponse  applications  that  let  users  listen  to 
computers  and  respond  by  pressing  the 
buttons  on  touchtone  phones.  However, 
callers  often  get  lost  traversing  long,  time- 
consuming  sequences  of  menus.  It’s  also 
difficult  for  callers  to  juggle  between  lis¬ 
tening  and  searching  for  the  right  buttons 
to  press  on  the  small  keypads  of  their  cell 
phones.  What’s  needed  are  1VR  user  inter¬ 
faces  that  let  users  listen  and  speak  to 
computers. 

VoiceXML  2.0  is  a  markup  language  for 
building  speech  interfaces  —  the  voice 
equivalent  of  HTML.  A  voice  browser  is 
like  a  Web  browser  —  it  interprets 
VoiceXML  2.0  scripts  to  present  spoken 
information  to  users  and  accept  spoken 
requests  from  them. 

The  World  Wide  Web  Consortium  last 
week  made  VoiceXML  2.0  a  full  recom¬ 
mendation,  which  is  commonly  under¬ 
stood  to  be  a  Web  standard.  The  stan¬ 
dard  adds  a  speech-recognition  gram¬ 
mar  format  —  for  words  and  phrases 
that  users  can  speak  in  response  to 
prompts  —  that  was  not  included  in  pre¬ 
vious  version. 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurrdinww.com). 
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lets  you  talk  to  computers 


HOW  IT  WORKS 


VoiceXML  2.0 

The  VoiceXML  markup  language  lets  developers  build 
speech-enabled  applications  that  users  can  access 
through  their  phones. 


Public  switched 
telephone 
network 


Internet 


Speech  server 
running  voice 
browser 


VoiceXML 
scripts 
Grammar 
formats 
Audio  files 
■  ■  ■ 

DBMS 

'  Application 
functions 


Application  server 

1  A  user  places  a  telephone  call  from  any  phone  using  the  PSTN. 

2  The  voice  browser  downloads  VoiceXML  scripts,  grammar  formats  and  audio  files  from  an  application 
server  to  the  speech  server. 

3  The  voice  browser  presents  a  menu  prompt  to  the  user  by  relaying  prerecorded  audio  or  synthesizing 
speech. 

4  The  user  responds  by  speaking  or  pressing  the  buttons  on  a  touchtone  telephone.  The  PSTN  transfers 
the  speech  and  tones  from  the  phone,  and  the  speech  server  processes  it. 

s  The  voice  browser  accesses  applications  via  the  Internet. 


Call  components 

Because  telephones,  including  many 
cell  phones,  don’t  have  the  computation 
capability  to  host  a  voice  browser,  the 
voice  browser  resides  on  the  network  in  a 
speech  server.  The  speech  server  may  be 
located  in  a  corporate  data  center  or  off¬ 
site  at  a  hosting  provider. 

Users  dial  a  speech  server,  which  down¬ 
loads  VoiceXML  2.0  scripts,  grammar  for¬ 
mats  and  audio  files  from  an  application 
server. 

The  voice  browser  interprets  the  Voice¬ 
XML  2.0  script  by  presenting  users  with  a 
voice  message,  such  as: 

System:  “Welcome  to  Ajax.  Do  you  want 


to  speak  with  sales,  accounting  or 
repairs?” 

The  voice  message  could  be  prere¬ 
corded  voice  or  text  that  is  routed 
through  a  text-to-speech  synthesizer. 

The  voice  browser  invokes  an  automatic 
speech  recognizer  (ASR),  which  uses  the 
grammar  format  to  recognize  words  users 
speak: 

User:  “Repairs.” 

The  ASR  recognizes  the  user’s  spoken 
response.  In  this  case  the  grammar  format 
consists  of  only  three  words:  “sales,” 
“accounting”  and  “repairs.”  This  type  of 
grammar-driven  ASR  performs  more  accu¬ 
rately  than  dictation  ASRs,  which  attempt 


to  recognize  most  of  the  words  in  English 
or  whatever  language  a  user  is  speaking. 

Sometimes,  users  might  respond  by 
using  dual-tone  modulated  frequency 
(DTMF).  DTMF  is  useful  in  noisy  environ¬ 
ments  or  when  the  user  wants  to  reply 
confidentially. 

The  voice  browser  continues  processing 
the  VoiceXML  2.0  script,  perhaps  perform¬ 
ing  additional  conversational  turns,  invok¬ 
ing  an  application-specific  function  or 
accessing  information  in  a  database. 

With  VoiceXML  2.0,  developers  can  cre¬ 
ate  speech-enabled  applications  by  speci¬ 
fying  high-level  menus  and  forms  rather 
than  procedural  program  code. This  frees 
up  more  time  for  developers  to  test  the 
application  usability  and  refine  its  design. 

Giving  voice  to  new  apps 

Developers  use  VoiceXML  2.0  to  provide 
a  telephone-user  interface  for  many  types 
of  applications  and  information,  including 
time-sensitive  data,  business  data  and  per¬ 
sonal  information.  These  applications  let 
users  access  enterprise  data  wherever 
they  are  and  whenever  they  need  it  by 
simply  dialing  in  from  any  phone,  identi¬ 
fying  themselves  and  asking  for  the 
desired  information.  Customers  also  can 
use  these  systems  to  access  data  such  as 
order  status  and  catalog,  delivery  and 
account  information. 

There  are  many  more  phones  than  PCs 
in  the  world,  so  many  more  users  can 
access  the  World  Wide  Web  using  tele¬ 
phones.  Now  people  can  talk  and  listen  to 
computers  at  any  time  from  any  place. 

Larson  is  manager  of  Advanced  Human 
Input/Output  for  Intel.  He  can  be  reached 
at  jim@larson-tech.com. 


Dr.  Internet 


By  Steve  Blass 


Is  there  a  low-cost  PC  auditing  tool  that  can  run 
from  a  command  line  to  send  sysinfo-like  system 
information  to  a  central  location  by  e-mail  or  by 
writing  to  a  network  share  or  SQL  database? 

Aida32  is  a  free  system  audit  tool  (www.aida32. 
hu)  that  provides  GUI  and  command-line  inter¬ 
faces.  It  runs  on  everything  from  Windows  95 
through  Windows  2003  Server  and  can  write 
reports  to  local  disk,  network  share,  e-mail  or 


ADO  database  connections  in  text,  CSV,  HTML  or 
XML  formats.  The  program  can  fit  on  a  diskette 
and  be  launched  by  a  batch  file  containing  the 
command-line  switches  needed  to  send  the  audit 
report  home.  It  runs  faster  from  CD  or  if  pack¬ 
aged  by  an  installer  such  as  Inno  Setup  (www.jsr 
software.org)  for  download  to  the  hard  drive  from 
a  Web  page.  To  run  a  minimal  version,  rename  the 
aida32.bin  file  to  aida32.exe  and  copy  it,  along  with 
the  aida32.ini  file  and  your  batch  file,  to  your  distri¬ 


bution  medium.  For  a  basic  hardware  report  in  a 
text  e-mail,  your  batch  file  should  launch  "aida32 
/E  /SUM  /TEXT.”  Replacing  /SUM  with  /AUDIT 
yields  a  more  extensive  report  (includes  installed 
patches  list).  The  aida32.ini  file  contains  e-mail  set¬ 
tings  that  can  be  configured  by  using  the  GUi. 

Blass  is  a  network  architect  at  Chcmge@Work  in 
Houston.  He  can  be  reached  at  dr.  interne t@ 
changealwork.  com. 
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Cascading  Style  Sheets  (6):  The  bitter  end 


I  his  is  it  folks,  the  final  installment  of 
our  romp  through  Cascading  Style 
Sheets,  Dynamic  HTML  and  Java¬ 
Script  for  two  reasons:  The  first  is  that  if 
we  dig  much  deeper,  we  could  spend 
another  six  weeks  on  the  topic  —  it  real¬ 
ly  is  a  huge  subject.  Second  —  and  most 
important  —  is  that  if  we  don’t  change 
topic,  our  editor  will  hurt  us. 

Anyway,  last  week  we  asked  what  the  fol¬ 
lowing  code  will  do  in  the  presence  of  a 
Cascading  Style  Sheet  applied  to  the 
page  it  is  in.  Here’s  the  inline  CSS: 

<style  type=”text/css”> 
body  { 

background:  blue; 

} 

</style> 

And  here’s  our  code: 

The  color  of  danger  is  <a  href=” 
javascript:void(document.bgcolor=’red’) 
”>red!</a> 

The  answer  is  nothing.The  reason  is  that 
within  the  browser  there  are  two  object 


models  at  work:  The  DHTML  Object 
Model,  which  provides  access  to  any  tag 
by  name  and  ID,  and  the  Document 
Object  Model  (DOM),  which  provides 
access  to  document  elements.  In  this 
case  the  latter  wins.  Therefore,  if  we’re 
using  CSS,  then  to  change  an  attribute  we 
have  to  start  navigating  the  DOM.  Here’s  a 
function  that  goes  in  the  head  section  of 
a  document: 

<script> 

function  changebgc(mycolor) 

{ 

var  doc  =  document.getElementsByTag 
Name(“body”).item(0); 

doc.style.backgroundColor  =  mycolor; 

} 

</script> 

Now  in  the  body  add  the  following: 

<p>The  color  of  water  is  <a  href= 
”javascript:void(changebgc(‘blue’))”>bl 
ue!</ax/p> 

<p>The  color  of  trees  is  <a 
href=”javascript:void(changebgc(‘green’ 
))  ”>green  Wax/ p> 

Clicking  on  the  links  will  alternate  the 
page’s  background  color  (note  that  you 
can  also  specify  the  color  numerically, 
such  as  ,#ff00ff’,  which  will  produce  a 
rather  nasty  shade  of  puce). 

Interestingly,  if  you  don’t  have  a  CSS 


applied  and  you  use  the  first  script  it  will 
work  and  the  background  will  turn  red. 
But  once  you  set  up  an  element  using  our 
changebc()  function  the  DOM  will  be  in 
effect,  and  the  DHTML  Object  Model  no 
longer  applies. 

If  you  want  to  examine  the  object 
models  in  a  document  you  can  use  DOM 
Viewer,  a  really  neat  piece  of  JavaScript 
code  by  Mike  Hall  (for  more  details,  go 
to  www.nwfusion.com,  DocFinder:  1 235). 
You  simply  save  the  DOM  Viewer  code  as 
an  HTML  file  and  then  add  a  link  as 
follows  in  the  document  you  want  to 
examine: 

<a  href=”domviewer.html”  target=” 
_blank”>Iaunch  viewer</a>. 

This  produces  a  separate  window  con¬ 
taining  a  hierarchical  list  of  every  ele¬ 
ment  in  the  entire  browser  document.You 
can  even  specify  a  starting  object  to  min¬ 
imize  the  size  of  the  display  This  is  a  ter¬ 
rific  learning  tool. 

CSS  priorities 

While  any  DOM  changes  you  make 
through  JavaScript  will  take  precedence, 
there  is  an  order  of  priority  for  all  CSS 
specifications  that  will  determine  how 
the  document  is  styled  when  first  loaded 


—  this  is  the  cascade  (DocFinder  1236). 

These  priorities,  in  descending  order, 
start  with  the  existence  of  the  [important 
value  as  in: 

p  (font-weight:  normal !  important;} 

This  value  overrides  any  other  priorities. 
Next  comes  the  author’s  style  sheet,  then 
the  user’s  (optional),  then  the  user  agent’s 
(also  optional). 

After  that  comes  how  specific  the  CSS 
rule  is  (see  DocFinder:  1237  for  more 
information)  followed  by  the  last  rule 
listed  and  finally  by  any  existing  or 
inherited  properties. 

As  we  said  at  the  beginning,  CSS  is  a  big 
topic  that  we  have  only  just  scratched  the 
surface  of  and  we  recommend  the  fol¬ 
lowing  books  to  assist  you  in  your  quest 
for  CSS  enlightenment:  DHTML  and  CSS 
for  the  World  Wide  Web  by  Jason  Cranford 
Teague;  HTML  for  the  World  Wide  Web  by 
Elizabeth  Castro;  Designing  with  Style 
Sheets,  Tables  and  Frames  by  Molly  E. 
Holzschlag;  JavaScript  Unleashed  by  R. 
Allen  Wyke  and  Jason  Gilliam;  and 
JavaScript  Developer’s  Dictionary  by 
Alexander  J.  Vincent. 

Happy  stylin  7  Formats  to  gearhead 
@gibbs.com. 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Axis  launches  new  network  camera 

Network  camera  maker  Axis  Communications  last  week 
launched  its  Axis  210  Network  Camera  for  indoor  surveil¬ 
lance  applications.The  Axis  210  is  the  first  network  camera 
to  use  Axis’ Artpec-2  compression  chip,  which  lets  the  cam¬ 
era  transmit  video  at  30  frames  per  second  at  high  resolu¬ 
tions,  and  support  motion  detection  and  advanced 
event  management,  the  company  says.  The 
camera, scheduled  to  be  available  later 
in  the  second  quarter,  will  cost  -«««»■ 

about  $500.  ' 

It  has  a  built-in  Web  server  and 
supports  Universal  Plug  and 
Play  to  connect  easily  to  an  IP 
network  and  the  Internet,  Axis  says.  It 
uses  the  Motion-JPEG  video  format  to 
deliver  images  or  video  in  full  VGA  (640-by-480- 
pixel)  resolution.  The  camera  will  support 
MPEG-1  formats  as  a  free  software  upgrade  in 
the  third  quarter. Target  markets  include  offices, 
schools,  retail  stores  and  other  companies  inter¬ 
ested  in  indoor  security  monitoring. 

An  LCD  monitor  with  ail  the  extras 

Envision  Monitors  last  week  added  to 
its  LCD  monitor  line  with  the  launch  of 
the  EN9250.  The  F.N9250  19-inch  LCD 


ultra-thin  flat-panel  monitor  in¬ 
cludes  two  built-in  speakers.  It 
aims  to  maximize  desktop  space 
with  the  inclusion  of  optional 
add-ons  such  as  picture  clips  that 
mount  to  the  side  or  top,  and 
removable  accessory  holders 
that  can  store  pens,  pencils,  paper 
clips  and  the  like. 

The  EN9250  supports  digital  video 
input  and  has  a  viewing  angle  of  170 
degrees  (horizontally  and  vertically).  In 
addition,  viewers  can  pivot  the  screen  90 
degrees  for  portrait  or  landscape  viewing.  The 
monitor  also  has  a  25-degree  tilt,  70-degree  swivel  and 
1,100mm  height  adjustment. 

It  costs  about  $650  and  is  available  now. 

Toshiba  ships  a  slew  of  notebooks 

Toshiba  recently  launched  three  note¬ 
books,  including  a  Tablet  PC  that  in¬ 
cludes  802. 1  lg  wireless  LAN  connectiv¬ 
ity  support  and  a  60G-byte  hard  drive. Other 
notebooks  include  a  lightweight  model  aimed 
at  students  and  families,  and  a  multimedia  power¬ 
house  for  entertainment  and  video  game  fans. 

The  Portege  M205  Tablet  PC  notebook  costs  about 
$2,500  and  is  available  at  the  ToshibaDirect  Web  site  and 
other  retailers.  The  M205  looks  and  acts  like  a  regular 
notebook,  and  also  includes  a  display  that  can  rotate  and 
fold  back  to  create  a  tablet.  Data-input  methods  include 
typing,  writing  on  the  screen  and  speech  recognition. 

The  M205  includes  a  1.5-GHz  Intel  Pentium  M  processor, 
512M  bytes  of  RAM  (upgradeable  to  2G  bytes), an  Nvidia 
GeForce  FX  5200  graphics  card  with  32M  bytes  of  dou- 

The  Axis  210  Network  Camera  can  transmit  video  at 
30  frames  per  second  at  high  resolutions. 


The  M205  Tablet  PC  includes  a 
display  that  can  rotate  and  fold 
back  to  create  a  tablet. 

ble-data-rate  video  memory,  inte¬ 
grated  V.92  modem,  10/100 
Ethernet  port,  a  Type  II  PC  Card 
slot,  two  USB  2.0  ports  and  a 
Secure  Digital  card  slot. The  de¬ 
vice  weighs  4.4  pounds 
and  offers  up  to 
4.5  hours  of  bat¬ 
tery  life,  Toshiba 
says. 

The  second  notebook, 
the  Satellite  M35-S320,  is  aimed  at 
consumers,  students  and  families,  and  in¬ 
cludes  a  1.5-GHz  Intel  Pentium  M  processor,  802.1  lg 
WLAN  support,  a  60G-byte  hard  drive,512M  bytes  of  RAM, 
a  32M-byte  Nvidia  GeForce  FX  Go5200  graphics  card, 
DVD/CD-RW  combination  drive,  10/100  Ethernet,  three 
USB  2.0  ports,  Secure  Digital  and  IEEE  1394  ports.  The 
notebook  is  priced  starting  at  about  $1,800. 

The  third  notebook  is  the  Satellite  P25-S670,  which 
includes  an  Nvidia  GeForce  FX  Go5700  card  with  128M 
bytes  of  video  RAM.  The  multimedia  notebook  also 
includes  S-video  and  component  video  outputs,  so  users 
can  view  DVDs  or  other  content  on  a  TV  in  standard  or 
high-definition  format.  The  notebook  also  includes  a 
Dolby  digital  optical  output  port  for  listening  in  5.1  digi¬ 
tal  surround  sound, Toshiba  says. 

The  P25-S670  includes  a  3.2-GHz  Intel  Pentium  4 
Processor,  an  80G-byte  hard  drive,  512M  bytes  of  SDRAM, 
a  17-inch  widescreen  XGA  display,  integrated  802.1  la/g 
WLAN  support,  10/100  Ethernet  port,  internal  TV  tuner, 
four  USB  2.0  ports,  an  IEEE  1394  port  and  Secure  Digital 
card  slot.The  notebook  costs  about  $2,700. 

Shaw  can  be  reached  at  kshaw@nww.com. 


As  crucial  as  DNS,  DHCP,  and  IP 

address  management  are  to  the  smooth  run¬ 
ning  of  your  network,  each  also  represents 
serious  threats  and  understanding,  managing, 
and  protecting  them  is  crucial. 

In  the  InternetWorld,  three  guidance  systems 
exist:  IP  Addresses,  DNS,  and  DHCP.  Working 
together,  these  three  mechanisms  make  it  pos¬ 
sible  to  locate  everything  you  need  on  the 
Internet,  including  your  own  computer.  As  the 
key  means  to  finding  everything  on  your 
internal  IP  network  as  well  as  the  Internet, 
these  systems  are  literally  the  keys  to  the 
kingdom. Therefore,  managing  and  protect¬ 
ing  them  is  crucial. 

This  SPECIAL  REPORT  focuses  on 
what  DNS/DHCP  and  IP  Address 
Management  are,  what  they  do,  and 
where  they  came  from.  We'll  also 
explore  their  vulnerabilities  and 
threats,  then  discuss  the  best  prac¬ 
tices  and  tools  to  manage  and  pro¬ 
tect  them.  Take  advantage  of  this 
free  offer  from  Network  World 
Fusion  and  secure  your  copy  of  the 
SPECIAL  REPORT:  Best  Practices  in 
DNS /DHCP  and  IP  Address  Management  in 
PDF  format  today. 

About  the  Author 

This  SPECIAL  REPORT  is  authored  by 
Tere'  Bracco,  Vice  President  of  Enterprise 
Systems  and  Solutions  at  Current  Analysis. 
Tere'  is  responsible  for  analyzing  the  profes¬ 
sional  services  market  for  all  types  of  enter¬ 
prise  networks,  from  telecommunications 
carrier  networks  to  SME  networks.  In  addition, 
she  oversees  coverage  for  enterprise  network 
infrastructure,  enterprise  packet  telephony, 
and  converged  networks.  A  renowned  engi¬ 
neer,  author  and  analyst,  Tere'  has  published 
four  books  on  networking  and  has  designed 
global  networks  for  organizations  such  as 
Sprint  and  MCI. 


abPtUlAL  KtruKl: 


Best  Practices  in  DNS/DHGP 
and  IP  Address  Management 


Fora  limited  time,  you  can  get  a  copy  of  this  SPECIAL  REPORT  in 
PDF  format,  free.  Just  download  your  free  copy  at:  (registration 
required)  http://www.nwfusion.com/lucent/SR1 
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EDITORIAL 

John  Dix 

Regulation: 

A  sticky  wicket 
for  VoIP 

The  Michigan  Public  Service  Commission  announced 
last  week  it  will  investigate  the  regulatory  issues 
swirling  around  VolR  joining  a  number  of  other  states 
that  are  taking  the  matter  into  their  own  hands  instead  of 
waiting  for  the  FCC  to  mandate  an  approach. 

Besides  Michigan,  states  serious  about  VoIP  regulation 
include  Alabama,  California,  Minnesota,  New  York,  Oregon, 
Washington  and  Wisconsin. 

This  has  the  potential  of  leading  to  a  patchwork  of  reg¬ 
ulation  and  is  putting  pressure  on  the  FCC  to  act. The 
FCC  issued  its  first  VoIP  decision  February  12  when  it 
ruled  in  the  so-called  Pulver  Order  that  “an  entirely 
Internet-based  VoIP  service  was  an  unregulated  informa¬ 
tion  service.” 

That  means  that  services  such  as  FreeWorld  Dialup,  an 
Internet-based  phone  service  offered  by  Jeff  Pulver,  presi¬ 
dent  and  CEO  of  Pulver.com,  can  sidestep  existing  telecom 
regulations  and  associated  fees  and  taxes.  Pulver  says  it 
also  gave  the  FCC  a  way  to  send  a  message  to  states  about 
the  direction  ofVoIP  regulation. 

“One  politician  called  me  the  Rosa  Parks  of  telecom,” 
Pulver  says. 

The  FCC  has  since  opened  a  broader  inquiry  but  the 
process  gets  thorny  from  here  because:  One,  a  host  of  heavy 
issues  gets  stirred  in, such  as  universal  service  requirements 
and  the  need  for  wiretapping;  and  two,  it’s  unclear  how  to 
regulate  calls  that  are  on  the  switched  network  one  minute 
and  on  the  Internet  the  next,  which  will  become  increas¬ 
ingly  common,  even  for  mainstream  telecom. 

Regarding  the  former,  FCC  Chairman  Michael  Powell 
wrote:“Rules  designed  to  ensure  law  enforcement 
access,  universal  service,  disability  access  and  emer¬ 
gency  91 1  service  can  and  should  be  preserved  in  the 
new  architecture.” 

Clearly  the  states  and  the  FCC  are  playing  catch-up. 
Besides  Internet-based  services  like  Pulver’s  FreeWorld 
Dialup  and  upstart  Vonage,  even  the  big  boys  are  making 
waves  —  AT&T,  MCI  and  others  are  embracing  VoIP 
So  the  question  for  corporations  is,  will  any  of  this  largely 
consumer  activity  affect  corporate  VoIP  plans?  In  a  word, 
no,  because  most  all-corporate  VoIP  implementations  are 
across  private  networks  that  the  regulations  don’t  touch  — 
few  companies  are  willing  to  risk  voice  quality  to  the  pub¬ 
lic  Internet. 

But,  warns  Pulver,  there  are  some  in  Washington  that 
would  pee!  back  that  protective  cover  and  also  regulate 
private  networks.The  stakes  are  too  great  to  leave  it  to 
chance. Get  in  touch  with  your  representatives  to  explain 
the  issue,  the  stakes  and  your  views. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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It's  not  magic 

Regarding  “Do  you  believe  in  Magic  Quadrants?” 
(www.nwfusion.com,  DocFinder:  1223):  Gartner’s 
Magic  Quadrant  is  a  brilliant  technique  for  repre¬ 
senting  multi-dimensional  products,  companies  or 
markets  on  a  two-dimensional  surface.The  quadrant 
is  not  magic,  pure  science,  definitive  or  an  answer:  It 
is  one  company’s  perspective  and  a  tool.  IT  profes¬ 
sionals  and  business  decision-makers  should  have 
many  tools  in  their  toolbox.  When  researching  or 
evaluating  a  product,  service  or  market,  we  should 
always  seek  multiple  opinions  covering  our  particu¬ 
lar  requirements.  You  may  not  need  the  complete 
offering  of  the  market  leader;  here  the  niche  player 
may  provide  your  solution. 

No  individual  quadrant  is  better  or  worse  than  the 
other,  and  from  that  perspective,  Gartner’s  Magic 
Quadrant  is  a  valuable  tool.You  still  have  to  evaluate 
the  products, and  the  process  should  include  a  post¬ 
mortem  analysis  comparing  the  analyst’s  opinion  to 
yours.The  postmortem  analysis  will  help  determine 
how  often  you  pull  that  tool  from  your  toolbox. 

Andrew  Kiolbasa 
COO 
312,  Inc. 
Orlando 


Make  it  affordable 

Regarding  “Copan  spins  disks  on  demand”  (Doc- 
Finder:  1224):  Why  would  anyone  pay  75  cents  to 
$3.50  per  gigabyte  when  you  can  now  buy  Serial 
Advanced  Technology  Attachment  hard  drives  for  88 
cents  per  gigabyte?  It  seems  as  though  by  removing 
the  “extra”  technology  vendors  should  be  able  to  get 
the  price  down  much  further.  I’ve  been  backing  up 
to  a  hard  drive  for  years,  and  I’ve  never  had  a  prob- 


E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  118  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


lem  restoring  like  when  1  used  dynamic  address 
translation.  Many  back-up  software  vendors  are  now 
adding  hard  drive  back-up  features.  I  just  hope 
Copan  and  other  vendors  get  pricing  in  the  range 
that  small  to  midsize  companies  can  afford. 

Garrett  Johnson 
MIS  manager 
Annalee  Mobilitee  Dolls 
Meredith,  N.H. 


Most  have  ethics 

1  take  exception  to  your  story  regarding  MCI  ethics 
training  (DocFinder:  1225).  The  lack  of  ethics  dem¬ 
onstrated  by  MCI  leadership  was  not  and  is  not  rep¬ 
resentative  of  the  ethics  of  the  rank-and-file  MCI  emp¬ 
loyee.  Ethics  training  will  be  good  for  everyone,  but  it 
should  be  noted  that  folks  in  the  field  with  whom  I 
have  worked  over  the  years,  deploying  computers  for 
IT  support,  were  doing  their  job  diligently  and 
responsibly  This  difference  needs  to  be  made  clear. 

Terry  Weathers 
Colorado  Springs 

Collateral  damage 

Joel  Snyder’s  column  “Time  to  wise  up  about 
worms”  (DocFinder:  1226)  is  the  best  story  I  have 
ever  seen  on  viruses.  My  small  business  is  continu¬ 
ally  affected  by  “bounce  messages”  to  e-mails  we 
didn’t  send, “you  have  a  virus”  notifications  from  IT 
administrators  who  don’t  understand  that  the 
return  addresses  on  infected  e-mails  are  usually 
forged. . .  .These  virus  writers  have  cost  me  a  small 
fortune.  It  only  takes  one  naive  user  to  put  my  busi¬ 
ness  address  in  his/her  address  book  and  make  my 
life  miserable.  Perhaps  some  personal  liability,  as  in 
monetary  damages,  might  convince  people  that  if 
you  don’t  know  how  to  use  that  computer,  you’d 
best  leave  it  alone. 

.  Patricia  Collins 
Gulf  Breeze,  Fla. 
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USER  VIEW 

Chuck  Yoke 


s  a  result  of  studying  philosophy  in  col¬ 
lege,  I  tend  to  make  unusual  connec¬ 
tions.  Recently  while  reading  a  book  by 
the  Dalai  Lama,  I  came  across  a  passage  that 
said  the  essence  of  his  teachings  is  to  help 
others  if  possible,  and  if  that  is  not  possible, 
at  least  do  no  harm.  And  while  Tibetan 
Buddhism  and  technology  have  little  in  common,  this  passage  also 
can  be  considered  the  essence  of  business  technology 

The  goal  of  any  business  is  to  increase  profitability.  A  profitable 
company  creates  jobs,  purchases  more  equipment  from  vendors  and 
adds  overall  value  to  a  community.  Any  business  tool  —  whether  it  is 
in  technology,  manufacturing  or  office  service  —  needs  to  enhance 
a  company’s  revenue  stream  or  at  the  least  do  no  harm. 

Technology  is  a  valuable  tool  for  enhancing  the  bottom  line,  but  it 
also  can  affect  the  profit  margin  negatively.  Business  technologists 
have  to  do  a  thorough  financial  and  risk  analysis  to  determine  the 
true  value  of  a  technology,  for  more  often  than  not  there  is  more  than 
meets  the  eye. 

A  good  example  of  this  is  DSL.  Many  companies  are  researching 
DSL  and  DSL-based  VPNs  as  alternatives  to  costly  dedicated  circuits. 
DSL-based  VPNs  can  eliminate  the  need  for  dedicated  point-to-point 
or  frame  relay  circuits,  which  reduces  overall  communication  costs. 
In  many  cases  DSL-based  VPNs  can  reduce  network  costs  by  20% 
to  30%. 

At  first  glance,  this  would  appear  to  meet  the  goal  of  enhancing  a 
company’s  profitability  However,  this  is  a  case  in  which  business 


IT  philosophy:  Do  no  harm 


technologists  need  to  look  beyond  the  numbers  and  consider  the 
risk.  Although  DSL  costs  less  than  dedicated  circuits,  that  lower  cost 
carries  with  it  a  lower  service  level.  Most  DSL  providers  have  a  mini¬ 
mum  mean  time  to  repair  (MTTR)  of  24  to  48  hours.  And  often  this  is 
only  Monday  through  Friday  An  outage  on  Thursday  afternoon  might 
not  be  resolved  until  Tuesday 

So  while  DSL  can  reduce  network  costs,  it  also  presents  a  risk  to  the 
revenue  stream.  An  outage  on  Thursday  can  result  in  five  days  of  dis¬ 
ruption  to  the  revenue  stream,  which  can  more  than  eliminate  any 
network  cost  savings.  Additionally,  five  days  of  downtime  during  a 
busy  season  can  be  financially  devastating.  Granted,  the  risk  can  be 
reduced  by  providing  dial  or  ISDN  backup,  but  the  combined  cost 
might  reduce  savings  to  a  level  that  is  not  financially  justifiable. 
Business  technologists  need  to  consider  if  the  potential  risk  is  worth 
the  perceived  value. 

DSL-based  VPNs  can  be  the  network  of  choice  for  locations  that  gen¬ 
erate  little  if  any  revenue,  where  they  can  “do  no  harm.”  However,  the 
risk  of  impacting  the  revenue  stream  needs  to  be  considered  before 
migrating  a  site  from  any  dedicated  connectivity  that  carries  a  four- 
hour  MTTR. 

DSL  is  not  the  only  technology  that  needs  to  be  analyzed.  Any  net¬ 
work,  systems  or  application  technology  that  has  the  potential  to  affect 
a  company’s  revenue  stream  needs  to  be  evaluated  thoroughly  to 
ensure  it  enhances  profitability  or  at  least  does  no  harm. 


Technology  is  a 
valuable  tool  for 
enhancing  the 
bottom  line,  but 
it  also  can  affect 
the  profit  margin 
negatively. 


Yoke  is  director  of  business  solutions  engineering  for  a  corporate 
network  in  Denver.  He  can  be  reached  at  ckyoke@yahoo.  com. 


INDUSTRY  COMMENTARY 

Frank  Dzubeck 


For  more  than  a  decade,  SNMP  has  been 
the  basis  for  all  IP  network  and  systems 
management.  However,  as  with  all  lega¬ 
cy  software,  there  comes  a  time  to  break 
with  the  past  and  move  into  the  future  with 
a  new  management  construct  and  architec¬ 
ture  that  meets  the  changing  demands  of 
vendors,  customers  and  services. 

The  first  step  in  re-engineering  SNMP  is  to  move  the  management 
standards  efforts  out  of  the  IETF  and  into  the  World  Wide  Web 
Consortium  (W3C).  The  reason:  The  next  generation  of  management 
software  will  be  more  system  and/or  application  oriented  than  infra¬ 
structure  oriented.  In  addition,  XML,  a  key  component  of  current  soft¬ 
ware  application  development,  is  in  the  purview  of  the  W3C.  The  IT 
industry  does  not  need  protocol  improvement;  it  needs  standardized 
Web  services  engineered  for  management  applications. 

It’s  time  to  move  into  the  next  architectural  stage  of  IT  management. 
For  12  years  the  industry  has  attempted  to  fix,  maintain,  improve  and 
enhance  SNMP  within  its  original  architecture.  Current  software  appli¬ 
cation  development  uses  XML-based  Web  services  as  the  driving  force 
for  application  interoperability  and  communication.  Any  way  you  look 
at  it,  network  and  system  management  is  a  software  application. 

SNMP’s  large  embedded  base  dictates  the  need  for  backward-inter¬ 
operability  between  SNMP  and  its  successor.  This  is  easily  accom¬ 
plished  using  Web  services’  enveloping  concepts  and  metadata.  “Old- 
gen”  SNMP  products  and  management  applications  therefore  will  be 
able  to  communicate  and  interoperate  with  “next-gen”  products  and 
applications.This  software  technique  also  will  let  existing  management 
information  bases  be  used  or  be  replaced  by  a  new  interoperable  XML 
management  schema  engineered  as  an  XML-based  MIB. 

Although  SNMP  has  numerous  software  architectural  flaws,  two  of 
these  flaws  are  major.  The  first  is  that  SNMP  is  dependent  upon  User 
Datagram  Protocol  (UDP)  for  messaging.  UDP  does  not  require  explic¬ 


Is  it  time  to  re-engineer  SNMP? 


it  message  acknowledgement  or  receiver  authentication.  Its  original 
architects  believed  that  to  make  SNMP  messaging  trustworthy  required 
the  addition  of  overhead  features  that  have  potential  vulnerabilities 
when  network  problems  occur,  while  also  increasing  complexity  This 
architectural  flaw  is  one  reason  why  the  IETF  working  groups  have 
placed  so  much  emphasis  on  message  security  and  accuracy  Today, 
processing  capacity,  storage  and  bandwidth  are  no  longer  constraints 
requiring  that  architectural  complexity  be  compromised. 

The  second  flaw  is  the  “pole-select”  software  concept  —  in  SNMP 
terms,  a  manager  and  an  agent.The  manager  is,  in  almost  all  cases,  the 
requester  in  a  synchronous  request-respond  conversation. This  type  of 
architecture  is  outdated  and  must  be  replaced  by  a  modern  manage¬ 
ment  event-based  bus  that  allows  asynchronous  messaging  using  a 
publish/subscribe  model.  Event-based  architectures  exist  today 
because  of  the  distributed  embedded  intelligence  in  all  forms  of  soft¬ 
ware,  and  compute  and  storage  resources  in  hardware.  Exception  pro¬ 
cessing  within  event-based  architectures  will  allow  for  the  manage¬ 
ment  scaling  of  telemetry  devices,  networks  and  systems  without  addi¬ 
tional  network  and/or  processing  overhead,  and  will  remove  compli¬ 
cated  hierarchical  management  structures  that  emulate  or  create  a 
“manager  of  managers.” 

Event-based  software  architectures  are  the  wave  of  the  future  for  IT 
policy  and  operations  management.  They  are  the  new  underpinning 
for  carrier  operational  support  systems  and  corporate  on-demand/util- 
ity  resource  provisioning  and  autonomic  control  system  software.  If 
these  management  systems  are  being  re-engineered,  why  not  also  re¬ 
engineer  all  network  and  system  management  to  create  a  simplified 
and  unified  management  software  and  database  structure?  To  this 
observer,  the  reason  is  obvious  —  an  IT  legacy  called  SNMP 


The  first  step  in 
re-engineering 
SNMP  is  to  move 
the  management 
standards 
efforts  out  of  the 
IETF  and  into  the 
World  Wide  Web 
Consortium. 


Dzubeck  is  president  of  Communications  Network  Architects ,  an  indus¬ 
try  analysis  firm  in  Washington,  D.C.  He  can  be  reached  at  (dzubeck 
@commnetarch.  com. 
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■  BY  STEVE  ULFELDER 


MIT  recently  brought  together  the  nations  top  spam  fighters  at  its 


Matthew 
Prince  helps 
businesses 


annual  anti-spam  conference.  Network  World  caught  up  with  some 
of  the  speakers  and  participants.  Here  are  their  stories. 


Spam  credentials:  CEO,  Unspam,  a  consulting  company  specializing  in  anti-spam  laws; 
adjunct  professor  of  law,  John  Marshall  Law  School,  Chicago. 

Most-hated  spam:  "That  which  contains  inappropriate  content  and  is  targeted  at  chil¬ 
dren:  solicitations  for  pornography,  gambling,  alcohol,  tobacco.  In  most  states  it’s  illegal  to 
target  these  solicitations  to  children  in  the  off-line  world.  It  is  disgusting  to  me  that  spam¬ 
mers  can  get  away  with  doing  it  online." 

Favorite  spam-fighting  weapon:  "I’m  skeptical  about  filtering  technology,  on  its  own,  as  a 
solution  to  spam.  Since  there’s  essentially  no  cost  to  sending  e-mail,  spammers'  response  has 
been  to  increase  the  volume  they  send.  The  rise  in  spam  almost  exactly  correlates  with  the 
deployment  of  filters.”  i m  im 


chose  this  work 
not  only  because 
unwanted  mes¬ 
sages  constitute 
a  modern  plague  1  hoped 
1  could  help  do  something 
about,  but  also  because 
spam  presents  challenging 
and  cutting-edge  legal 
issues,”  Prince  says. 

As  an  example,  he  points 
out  that  while  a  number  of  states  and  countries 
have  passed  anti-spam  laws  “the  problem  is  that  an 
e-mail  address  alone  doesn’t  reveal  its  owners  juris¬ 
diction.  So  when  you  send  to  my  address,  there’s  no 
way  to  tell  what  state  or  country's  laws  you  are  sub¬ 
jecting  yourself  to,”  he  says.That  causes  trouble 
because  “under  just  about  every  modern  legal  sys¬ 
tem,  unless  you  have  ‘purposefully  availed’  yourself 
of  a  jurisdiction, you  cannot  be  subject  to  its  laws," 
Prince  says. 

This  loophole  brings  to  mind  the  famous  New 
Yorker  cartoon  by  Ffeter  Steiner  with  the  caption, 
“On  the  Internet,  nobody  knows  you’re  a  dog.” Such 
“semi-anonymity  creates  a  problem  for  en¬ 
forcement  of  anti-spam  laws,"  Prince  says.“The  cap¬ 
tion  could  read,  On  the  Internet,  no  spammer  can 


With  existing  anti-spam 
law,  the  cost  of  prosecution 
has  nearly  always  been 
perceived  [by  prosecutors] 
as  higher  than  the  social 
benefit  of  prosecuting  a 
single  spammer : 


tell  you’re  a  New  Yorker” 
This  has  been  a  problem 
on  the  state  level  and  will 
continue  to  be  a  problem 
on  the  federal  level.  Prince 
says  spam  fighters  tend  to 
be  passionate  about  their 
work.“Spam  stirs  people’s 
emotions  because  people 
view  it,  rightly  as  an  inva¬ 
sion,”  he  says.  Unspam’s  Web 
site  gets  reams  of  e-mail  from  users  who  are  sick  of 
spam,  he  says,  and  “the  passion  these  people  have 
for  getting  rid  of  spam  spills  over  to  those  of  us  try¬ 
ing  to  come  up  with  solutions.” 

It’s  not  surprising  that  Prince  says  there  is  a  place 
for  law  in  the  war  on  spam. “The  law  has  one  clear 
advantage  over  technology:  It  can  impose  costs,” 
he  says.“While  law  will  never  be  as  efficient  as 
technology,  technology  has  no  mechanism  in  an 
environment  where  the  marginal  costs  are  virtually 
zero  to  increase  the  cost.”  As  a  result,  he  says,  filters 
can  stop  a  majority  of  e-mail  from  being  delivered, 
but  spammers  just  increase  the  number  of  mes¬ 
sages  they  send. Therefore,  virtually  the  same  num¬ 
ber  of  messages  get  through,  and  the  spammers’ 

See  Prince,  page  71 


MATTHEW  PRINCE 


NetworkWorld  3/22/04 


Prince 

continued  from  page  69 

costs  are  unchanged.“But  the  overall  costs  to 
the  network  increase  dramatically’ he  says. 

However,  Prince  says  the  first  generation  of 
anti-spam  iaws,  including  the  new  federal  CAN- 
SPAM  Act  and  European  and  Asian  opt-in  regu¬ 
lations,  have  been  ineffective.“They  did  little  to 
make  prosecution  cost-effective,”  he  says.'And 
an  old  legal  adage  says, ‘Without  prosecution 
there  is  no  law’” 

Thus,  if  new  antispam  laws  are  to  be  en¬ 
forced,  and  therefore  effective,  Prince  says  he 
believes  they  must  “decrease  the  cost  of  track¬ 
ing  down  spammers,  decrease  the  cost  of 
bringing  a  trial,  increase  the  likelihood  of  suc¬ 
cess  at  trial  or  increase  the  social  benefit  from 
winning  a  trial.”  He  applauds  some  state  efforts 
that  he  says  are  headed  in  the  right  direction, 
such  as  child  protection  registries  under  con¬ 
sideration  in  Utah  and  Michigan. 

“At  its  heart,  spam  is  a  problem  of  identity’ 
Prince  says.“If  you  can  tell  who  is  sending  the 
messages,  then  you  can  write  laws  to  punish 
bad  actors.  Moreover,  you  can  create  filters  that 
will  actually  be  effective.  As  a  result,  the  tech¬ 
nologies  that  interest  me  the  most  are  the  ones 
that  help  establish  and  verify  a  sender’s  identity 
Until  we  can  do  that,  1  suspect  spam  will  con¬ 
tinue  to  be  a  serious  problem,  even  as  we 
develop  better  filters.” 

Prince  is  optimistic  about  spam’s  predicted 
demise.“If  the  spam  economy  behaves  in  a 
classical  way  it  should  eventually  defeat  itself,” 
he  says.'As  the  response  rate  for  messages 
drops,  eventually  the  costs  should  be  high 
enough  that  being  in  the  business  of  spam  isn’t 
profitable. The  advantage  of  a  problem  like 
spam  over  a  problem  like  computer  viruses  is 
that  the  spammers  aren’t  just  sending  their  mes¬ 
sages  for  fun  —  they’re  out  to  make  money  If 
their  costs  get  too  high,  they’ll  move  on  to  some 
other  business.” 

To  hasten  the  death  of  spam,  he  says, “you 
need  to  impose  a  marginal  cost  on  each  mes¬ 
sage  spammers  send. This  is  why  [Microsoft 
Chief  Software  Architect  Bill]  Gates’  proposed 
solution  is  to  charge  a  small  fee  for  every 
e-mail  sent.That  would  work  to  impose  signifi¬ 
cant  costs  on  spammers  and  may  stop  a  lot  of 
spam,  but  I’m  not  sure  the  cure  isn’t  worse  than 
the  disease." 

Asked  if  he  has  conversed  online  or  other¬ 
wise  with  spammers,  Prince  says, “The  problem 
is  very  few  people  sending  spam  think  of  them¬ 
selves  as  spammers.  I’ve  talked  with  a  lot  of 
people  who  think  of  themselves  as ‘e-mail  mar¬ 
keters’  but  who  engage  in  practices  that  are  par¬ 
ticularly  troubling  —  trading  lists, ‘losing’  opt-out 
requests,  having  an  extremely  loose  definition 
of  what  it  means  to  have  opted  in. Some  of 
them  genuinely  don’t  see  a  problem  with  what 
they’re  doing.  And  if  they  were  the  only  ones 
doing  it.it  wouldn’t  be  much  of  a  problem. 

“However,  just  as  people  who  throw  trash  on 
the  ground  in  a  park  justify  it  by  thinking  their 
trash  alone  won't  do  much  harm,  some  mar¬ 
keters  I’ve  talked  to  justify  their  behavior  by 
arguing  that  their  little  indiscretions  aren’t  that 
bad.  Unfortunately,  just  like  trash  in  the  park,  a 
lot  of  small  acts  of  bad  behavior  quickly  multi¬ 
ply  to  a  significant  problem,”  he  says.  ■ 


TERRY  SULLIVAN 

Spam  credentials:  Software  developer  and  Dallas-based  researcher  focused  on  statistical  analysis  and  char¬ 
acterization  of  spam,  Led  the  Internet  Research  Task  Force  workgroup  on  fighting  spam. 

Most-hated  spam  villain:  “All  of  them!  All  spam  is  a  form  of  attention  theft,  which  is  precisely  what  makes  it 
bad.  That  said,  I  felt  most  heartsick  when  I  ran  across  the  foreign-currency-smuggling  spam  (commonly  referred  to 
as  ‘Nigerian’  spam)  that  cloaked  itself  in  religious  language  and  Biblical  quotations,  trying  to  prey  on  the  religious 
sentiments  of  unsuspecting  innocents," 

Favorite  spam-fighting  weapons:  “I  favor  a  belt-and-suspenders  approach.  My  in-box  is  protected  with  a 
heavily  optimized  rule-based  classifier,  a  Bayesian  filter,  a  small  whitelist/blacklist  and  some  minimal  DNS-related 
stuff.  Still,  I  do  have  a  favorite  genre  of  anti-spam  solutions:  the  heuristic  classifier  (aka  the  rules-based  classifier, 
sometimes  called  a  feature  detector)." 


Sullivan  joined  the  war  on  spam  because  of  “a  grad¬ 
ual,  increasing  frustration  with  the  sheer  amount  of 
dreck  that  was  accumulating  in  my  in-box  and  a 
sense  that  if  I  wasn’t  interested  in  ‘herbal  Viagra’ yes¬ 
terday,  or  the  day  before,  why  on  Earth  would  I  be  interested 
in  it  today?” 

When  the  aggravation  hit  a  certain  point,  Sullivan  says, “I 
finally  said  to  myself, ‘I’m  a  bona  fide  expert  in  some  very 
sophisticated,  automatic,  document-classification  technolo¬ 
gies.  Why  am  I  putting  up  with  this?”’ Within  24  hours,  Sullivan 
says,  two-thirds  of  all  his  incoming  spam  was  being  piped 
straight  into  an  archive.“Two  weeks  later,  it  was  around  98%. 
And  I  never  looked  back,”  he  says. 

Sullivan  is  passionate  about  his  work, “and  that  passion  comes 
from  having  a  sense  of  higher  purpose,  a  sense  of  working  on 
something  really  big,”  he  says.“Beople  resent,  viscerally  and  per¬ 
sonally  any  attempt  to  steal  time  from  them.  Spam  fighters  prob¬ 
ably  have  a  sense  of  ultimately  allowing  themselves  and  others 
to  reclaim  their  time  as  their  own.” 

Asked  about  law  and  regulation,  Sullivan  says, “Legislation  can 
only  play  an  ancillary  role  in  the  fight  against  spam.  Even  with 
[the  CAN-SPAM  Act]  in  effect,  the  amount  of  spam  sent  contin¬ 
ues  to  rise.  And  this 
should  surprise  no 
one.  Spam  be¬ 
trays  a 
fun¬ 


damental  dishonesty  as  evidenced  by  widespread  forgery  of 
return  addresses  and  subject  lines.  It’s  reasonable  to  expect 
spammers  to  do  everything  they  can  to  exploit  the  numerous 
loopholes  in  CAN-SPAM  or  simply  to  ignore  it.There  are  also 
many  spam-scammers  who  are  known  criminal  frauds,  and 
thus  have  always  been  illegal.  Adding  one  more  to  the  list  of 
charges  against  them  is  not  going  to  deter  such  folks.” 

Sullivan  says  he  believes  most  spam  fighters  are  making  a  key 
mistake.  At  the  MIT  conference,  he  says,  he  found  too  much 
emphasis  on  “authentication  technologies  as  the  ‘solution.’ 

There  are  now  a  lot  of  very  smart,  very 
determined  people  working  to  make  spam 
go  away  without  breaking  e-mail It’s  just 
a  matter  of  time. 


Every  day  users  do  not  make  their  ham/spam  judgment  based 
on  the  source  of  the  message. They  make  it  based  on  the  con¬ 
tent  of  the  message.”  He  adds, “Authentication  doesn’t  solve  the 
problem  of  spam;  it  merely  relocates  it  and  in  the  process  cre¬ 
ates  a  thriving  after-market  in  identity  fraud/theft.  I’m  not  sure 
why  anyone  thinks  this  is  a  good  idea,  unless  it’s  because 
authentication  seems  like  an  easier  problem  to  solve  than  con¬ 
tent  analysis.  But  it’s  still  solving  the  wrong  problem,  and  it  rais¬ 
es  disquieting  possibilities  for  Big  Brother-ism.” 

Is  spam  on  its  way  out  in  the  relatively  near  future?  “The  turn¬ 
ing  point  [in  the  battle]  has  already  passed,  but  the  denoue¬ 
ment  is  still  probably  a  long  way  off. The  battle  against  spam 
will  be  much  like  the  war  in  the  Pacific  Theater  in  World 
War  II  —  slow,  incremental  progress,  one  island  at  a  time. 
And  remember,  the  battle  of  Midway  —  the  turning  point 
in  that  conflict  —  happened  in  June  1942,  but  the  war 
didn’t  end  until  August  of  ’45,” he  says. 

“The  fact  is,  there  are  already  plenty  of  brutally 
effective,  though  very  heavy-handed,  approaches 
that  can  make  spam  just  about  totally  disappear? 
Sullivan  says.“The  problem  is  that  these  approaches 
make  e-mail  much  more  inconvenient  to  use,  essen¬ 
tially  breaking  it  in  the  process.The  larger  challenge 
is  to  make  spam  go  away  without  breaking  e-mail.” 

After  reading  interviews  with  spammers, Sullivan 
finds  it  hard  to  summon  much  sympathy  for  them. 
“The  thing  that  surprises  me  the  most  is  that  they 
have  the  audacity  to  paint  themselves  as  utterly  inno¬ 
cent  victims  of  some  grand  conspiracy?  he  says.“lt 
takes  some  pretty  deep  denial  —  or  disingenu¬ 
ousness  —  for  them  not  to  recognize 

that  the  antipathy  they  provoke  is 
a  direct  result  of  their  own 
deceptive  prac¬ 
tices.”  ■ 


Terry  Sullivan  says  the  anti-spammers 
are  winning  the  war  against  spam. 
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MATT  KNOX 

Spam  credentials:  Freelance  anti-spam  software  developer  in  New  York. 

Most-hated  spam  villain:  “Phishing,"  in  which  a  spammer  sends  out  official¬ 
looking  messages  that  purport  to  be  from  a  legitimate  company  but  are  in  fact 
attempts  to  steal  personal  information. 

Favorite  spam-fighting  weapon:  Naive  Bayesian  Filtering.  Emerging  technol¬ 
ogy:  Naive  Bayesian  ffb,  or  “filter  that  fights  back." 


For  Matt  Knox,  the  obsession  with  fighting 
spam  all  started  with  a  pretty  girl. 

“One  time  [while  traveling],!  was  talking  to 
a  very  attractive  young  woman  and  asked  her 
for  her  e-mail  and  phone  number.  She  gave  them  to 
me.  I  lose  things  all  the  time, so  I  sent  myself  an 
e-mail  containing  her  info  from  a  friend’s  account.” 

One  reason  to  think  spam 
will  be  stopped  is  that  legal  and 
technical  ways  to  kick  spammers 
in  the  teeth  are  getting  popular . 

A  few  days  later,  back  at  home,“l  had  lost  the  paper 
with  her  info,  but  it  wasn’t  a  big  deal  because  1  had  it 
in  my  e-mail  account,  right?  Wrong.  My  in-box  was 
jammed  to  the  gills  with  spam,  and  the  message  had 
bounced,”  he  says. 

It  was  then  that  Knox  made  a  solemn  vow:“That 
was  the  day  spam  died.  It  just  hasn’t  found  out  yet.” 

He  says  he  believes  that  while  spam  is  essentially  a 
technical  problem  that  demands  a  technical  solu¬ 
tion,  some  laws  and  regulations  are  eminently  reason- 
able.“I  love  spam  laws  that  require  an  ADV:  tag  or 
make  illegal  the  forging  of  headers,”  he  says,  referring 
to  a  proposed  law  that  would  mandate  that  the  sub¬ 
ject  line  in  all  spam  e-mails  begin  with  the  four  char¬ 
acters  ADV:. “That  is  a  superb  instance  of  regulation 
—  and  will  make  filtering  stone-easy/  he  says. 


“1  would  be  less  comfortable  with 
[Digital  Millennium  Copyright  Act] 
enforcement  against  spammers,”  he 
says.  Like  many  attendees  at  the  MIT 
anti-spam  conference  he  finds  the 
DMCA  grossly  inadequate.  Or,  as  he  puts 
it, “brain-damaged.” 

Knox  says  Bill  Gates’  prediction  of 
spam’s  imminent  demise  is  “probably  close 
to  true. There  really  is  not  a  spam  problem 
now,  in  the  same  way  that,  for  most  people, 
there  is  not  a  virus  problem  or  a  pop-up  win¬ 
dow  problem.  Anyone  who  doesn’t  like  pop-ups 
in  [Microsoft  Internet  Explorer]  can  easily  get 
another  browser  like  Opera  or  Mozilla.  And  people 
who  don’t  like  viruses  can  use  Linux  or  OS  X,”  Knox 
says,  conceding  that  “this  may  be  more  difficult.” 

“Real  spam  filters  are  getting  easy  enough  to  be 
used  by  just  about  anyone  who  uses  non-Web-based 
e-mail.  People  using  Web-based  e-mail  are  just  stuck 
with  whatever  their  service  provider  wants  to  give 
them. That’s  usually  a  poorly  done  signa¬ 
ture-based  filter  now  —  but  those  fil¬ 
ters,  too,  will  improve  as  time  goes 
on,”  he  says. 

So  how  deep  does  his  resent¬ 
ment  against  spammers  run?“l 
don’t  despise  spammers.  I 
don’t  like  what  they’re 
doing,”  he  says.B 


Matt  Knox  says  spam 
is  a  technical  problem. 


SHLOMO  HERSHKOP 


Spam  credential:  Columbia  University,  New  York,  data  mining  lab,  Ph.D.  candidate. 

Most-hated  spam  villain:  "Virus  spam  —  too  many  people  are  getting  messed  over 
and  turned  off  from  e-mail." 


Favorite  spam-fighting  weapon:  Bayesian-based,  such  as  SpamAssassin.  "But  I 
believe  the  next  step  is  the  user-based  model." 


Since  the  [federal  anti-spam] 
law  went  into  effect  I’ve  seen  a 
decline  in  certain  types  of  spam 
and  a  rise  in  others. 

wide  use  not  only  between  users,  but  also 
between  systems.  For  example,  I  have  a  battery 
back-up  system  that  sends  out  e-mails  if  there’s  a 
problem.  Upgrading  users  to  new  protocols  will 
create  huge  headaches.  Getting  all  the  systems 
will  take  longer. You’d  be  surprised  how  much 
old  —  really  old  —  stuff  is  still  working  on  the 
Internet.” 

In  the  end,  Hershkop  says,“!t’s  silly  that  we 
have  to  deal  with  these  spam  e-mails. 

Technology  is  already  here  that  is  smart  enough 
to  deal  with  it.” 

Ulfelder  is  a  freelance  writer  in  Southborough, 
Mass.  He  can  be  reached  at  sulfelder@chartemet. 


Hershkop  entered  the  anti-spam  arena 

because  “we  had  a  really  cool  algorithm 
in  the  anomaly  detection  field  that  need¬ 
ed  to  be  applied  outside  of  computer 
security’  he  says. 

Moreover,  he  likes  that  he’s  doing  work  that 
could  benefit  end  users  and  businesses: “Spam 
is  moving  away  from  being  just  an  annoyance  to 
being  a  security  threat  to  both  individual  users 
and  the  e-mail  system  itself,”  he  says. 

Asked  if  spam  fighters  are  more  passionate 
about  their  work  than  other  technology  profes¬ 
sionals,  Hershkop  is  skeptical.Tm  not  sure,”  he 
says.“Right  now, spam  is  getting  a  lot  of  attention, 
the  same  way  any  other  hot  topic  gets  attention.” 
Hershkop  says  he  believes  the  spam 
plague  will  persist  far  longer  than 
Gates’  prediction  of  mid-2005. 
“Too  optimistic,”  the  grad  stu¬ 
dent  says.“Remember, 
the  current 


e-mail  system  is  in 


HP’s  ProCun/e 
2800  series 


Aggressive  pricing  for  rack-mountable 
switches,  but  performance  lags 


BY  JOHN  BASS,  NETWORK  WORLD  LAB  ALLIANCE 


Ps  latest  entries  into  the  stand-alone  Gigabit  Ethernet  switch  space  —  the 
ProCurve  2824  and  the  2848  models  —  offer  a  $100  per  gigabit  port  price, 
but  the  trade-off  is  less  than  ideal  performance  levels. 


These  models  sport  24  and  48  copper 
lO/lOO/lOOOBase-T  ports,  respectively  as 
well  as  a  typical  set  of  Layer  2  features 
and  limited  Layer  3  routing  functionality 
Each  model  is  housed  in  single,  rack- 
mountable  units  with  Ethernet  ports 
accessible  from  the  front  panel  —  which 
is  organized  well  with  each  port  having  a 
LED  showing  link  speed,  activity  and 
duplex  status.  The  front  panel  also  has 
power,  fan,  redundant  power  supply 
(RPS),and  general  fault  indicators. 

The  Layer  2  features  of  these  boxes 
include  802. IQ  virtual  LAN  (VLAN)  sup¬ 
port,  802. Ip  packet  prioritization  and 
802.  lad  link  aggregation.  Our  tests  found 
that  all  the  Layer  2  features  worked  well. 
In  particular,  the  link  aggregation  tests 
proved  that  the  switches  can  bundle  sev¬ 
eral  Ethernet  links  into  a  logical  link  for 
increased  bandwidth  and  fault  tolerance 
between  switches. 

The  limited  Layer  3  forwarding  could 
be  helpful  in  tying  multiple  VLANs  to  a 
routed  network  via  a  default  IP  route.  For 
example, the  switch  can  be  configured  to 
route  between  a  maximum  of  eight 
VLANs.  You  can  configure  a  total  of  16 


OVERALL  RATING 


Company:  HP,  (800)  752-0900,  www.hp.com 
Cost:  HP  ProCurve  Switch  284&-$4899,  HP 
ProCurve  Switch  2824-  $2499  Pros:  Good 
price,  good  Layer2feature  set  Cons:  Limited 
routing  functionality,  packet  loss  can  affect  | 
performance. 

The  breakdown  I 

Performance  40%  3 
Management/ease  of  use  30% 


Scalability  and  redundancy  20%  4 
installation  and  documention  10%  4 
TOTAL  SCORE  3.6 


Tracking  lost  packets 

This  chart  shows  shows  the  percentage  of  packets  that  were  dropped  in  the 
both  the  HP  ProCurve  2824  and  2848  switches  for  various  loads  (60,80,100%  of 


Layer  2  and  Layer  3 
throughput  tests.  Dropping 
packets  decreases  the  effective 
throughput  of  TCP  connections 
and  causes  quality  degredation 
for  User  Datagram  Protocol  (UDP) 
based  streaming  applications. 
The  actual  effect  of  these 
degradations  vary  between 
networks  depending  on  the 
networks  applications,  host 
systems  and  architecture. 


sizes 

%  Packet  loss 

Packet  size 

60% 

80% 

100% 

(bytes) 

load 

load 

load 

ProCurve  2848 

64 

.00 

.00 

.00 

Layer  2  tests 

1,024 

.00 

.26 

7.78 

1,518 

.00 

.80 

11.22 

ProCurve  2824 

64 

.00 

.00 

.00 

Layer  2  tests 

1,024 

.00 

.00 

.00 

1,518 

.00 

.00 

.93 

ProCurve  2848 

64 

.88 

.94 

.87 

Layer  3  tests 

1,024 

.40 

.61 

8.18 

1,518 

.40 

1.13 

11.52 

ProCurve  2824 
Layer  3  tests 

64 

.00 

.00 

.00 

1,024 

.00 

.00 

.00 

1,518 

.00 

.00 

.91 

routes  plus  one  default  route.  However, 
there  is  no  support  for  any  dynamic  rout¬ 
ing  protocols  such  as  Routing  Internet 
Protocol  or  Open  Shortest  Path  First. 

Performance  was  disappointing  for 
both  switches. 

To  quantify  a  switch’s  throughput,  we 
generally  measure  the  maximum 
throughput  it  can  handle  before  it  starts 
dropping  packets  (see  How  we  did  it  at 
www.nwfusion.com,  DocFinder  1230). 
The  2848  showed  packet  loss  —  albeit  a 
miniscule  amount  —  at  very  small 
loads.  Therefore  we  couldn’t  measure 
throughput  using  our  typical  format.  To 
fairly  characterize  throughput  perfor¬ 
mance,  we  ran  a  packet-loss  test  with 
increasing  loads. 

The  2848  Layer  3  packet4oss  test  veri¬ 
fied  the  constant  small  amount  of  loss 
seen  in  our  initial  test.  The  loss  began 
increasing  at  70%  of  the  maximum  load 
and  it  increased  to  11.52%  loss  with 
1,518-byte  packets  at  100%  load.  As  the 
packet  size  decreased,  the  loss  also 
decreased  (see  chart,  right). 

The  Layer  2  packet  loss  tests  on  the 
ProCurve  2848  showed  zero  loss  for  all 
packet  sizes  with  less  than  70%  of  the 
maximum  load.  Above  this  load  thresh¬ 
old,  packet  loss  increased  until  it  hit  a 
loss  of  11.22%  with  1,518-byte  packets  at 
100%  load.  Again,  the  packet  loss 
decreased  with  smaller  packet  sizes. 

The  2824  Layer  3  packet-loss  test 
showed  a  small  amount  of  loss  at  maxi¬ 
mum  load.  The  packet  loss  increased 
with  packet  size:The  largest  loss  was  0.9% 
loss  with  1,518-byte  packets  at  maximum 
load. The  2824  Layer  2  packet-loss  test  re¬ 
vealed  similar  results. 

HP  engineers  supporting  this  test  said 
they  also  experienced  packet  loss  at 
higher  loads,  but  not  to  the  degree  that 
our  tests  yielded. They  attributed  the  vari¬ 
ation  to  the  fact  that  we  used  different 
gear  than  they  did  in  our  testing. 

The  latency  results  —  9  microsec  or 
less  for  64-byte  packets  at  high  loads  — 
for  Layer  2  and  Layer  3  tests  show  a  typi¬ 
cally  acceptable  latency  level. 

Both  switches  can  prioritize  traffic  by 
Ethernet  802. Ip  values.  Each  port  has 
four  output  queues  with  configurable 


mapping  to  802. Ip  values.  The  queues 
are  serviced  according  to  a  weighted 
round-robin  algorithm.  Our  tests  showed 
that  both  ProCurve  2800  models  operate 
somewhat  as  advertised.  Our  quality-of- 
service  (QoS)  packet-loss  test  showed 
that  802. Ip  values  2  and  3  saw  the  high¬ 
est  packet  loss, and  the  remaining  values 
were  clumped  together  with  a  much 
lower  average  packet  loss.  Our  QoS 
latency  test  showed  that  802. Ip  values  2 
and  3  got  the  highest  latency  (lowest  pri¬ 
ority)  values  1  and  4  get  less  latency  and 
values  5  to  8  get  a  similar  amount  of  low 
latency  (highest  priority).  Although  the 
results  did  not  show  an  ideal  clumping 
of  values  into  four  distinct  groups  of 
packet  loss  and  latency,  the  2800  results 
were  acceptable  and  repeatable. 

These  switches  offer  a  menu-driven 
(only  used  to  initially  configure  the 
switch)  and  command-line  interface 
(CLI)  available  through  the  console  port 
or  a  configured  management  VLAN  via 
telnet  for  overall  management  control. 

The  CLI  has  a  similar  look  as  Cisco’s 
CLI,  although  HP  has  simplified  it  some¬ 
what.  For  example,  you  don’t  have  to  exit 
the  configuration  mode  to  run  other 
commands  within  the  CLI. 

HP  also  offers  a  Web-based  configura¬ 
tion  interface. One  2800  switch  can  act  as 
a  master  administrative  interface  for  up 
to  15  other  switches.  This  interface  is 


nicely  laid  out  and  offers  configuration 
hints  when  you’re  bringing  up  the  switch 
for  the  first  time. 

You  can  send  configuration  files  out¬ 
side  the  switch  via  Trivial  File  Transfer 
Protocol  so  you  can  modify  them  with  a 
text  editor  and  reload  onto  a  large  num¬ 
ber  of  switches.  They  support  a  running 
configuration  and  a  saved  configuration 
that  is  used  when  the  switch  is  rebooted. 
The  running  configuration  is  lost  when 
the  switch  is  rebooted. 

These  switches  also  support  port  mir¬ 
roring  to  let  one  port  mirror  the  packets 
being  sent  to  and  from  another  port. 
This  is  a  necessity  for  getting  packet 
traces  while  troubleshooting  enterprise 
networks. 

Reboot  takes  about  80  seconds,  a  typi¬ 
cal  time  for  this  level  of  switch. 

Overall,  these  switches  could  be  a 
decent  fit  at  the  access  layer  if  you  want 
to  aggregate  lots  of  high-speed  desk¬ 
tops.  Because  desktops  typically  don’t 
operate  at  full  bandwidth  all  the  time, 
the  performance  issues  we  note  might 
not  adversely  affect  the  network. 

Bass  is  a  senior  technical  staff  member  at 
North  Carolina  State  University's  Centen¬ 
nial  Networking  Labs  (CNL)  in  Raleigh.  He 
can  be  reached  at  john_bass@ncsu.edu. 
Chintan  Desai  and  Reza  Manavi  of  CNL 
assisted  with  the  testing. 


SERIOUS  EVENT  LOG  MANAGEMENT. 

WITHOUT  THE  BULL." 


Installing  some  of  today's  mega  management  software  packages  is  often 
like  unleashing  a  bull  in  a  china  shop,  or  at  least  in  your  network. 

This  is  why  Dorian  Software  Creations'  modular  approach  lets  you  decide 
and  deploy  the  event  log  management  strategy  that  works  best  for  you  and 
best  meets  your  needs. 

Look  to  Event  Archiver™  for  automated  log  collection,  Event  Analyst™  for 
log  filtering  and  reporting,  and  Event  Alarm™  to  monitor  your  log  files. 
Finally,  they  combine  to  provide  the  only  patent  pending  total  solution  for 
event  log  management,  without  the  bull. 


For  a  free  white  paper  and  other  tools  to  help 
you  build  an  affordable 
event  log  strategy,  visit 

www.doriansoftware.com/roi. 


IT  execs  tackle  to-do  lists 

Loosening  purse  strings  and  affordable  technology  allow  delayed  agendas  to  get  addressed. 


■  BY  ANN  BEDNARZ 

Sutter  Health  put  off  a  major  IT  initiative  for 
years  because  it  was  daunted  by  the  pro¬ 
ject’s  complexity  Now,  the  nonprofit  health¬ 
care  organization  is  going  forward  with  its 
plans  to  integrate  patient  data  scattered 
across  dozens  of  different  systems. 

The  right  technology  became  available,  and  what 
seemed  undoable  is  getting  done, says  John  Hummel, CIO 
at  the  Sacramento,  Calif.,  company. 

“It  sounds  simplistic  enough,  the  idea  of  centralizing 
patient  data,”  Hummel  says.  “But  it’s  extremely  difficult  to 
get  all  the  disparate  pieces  of  information  together  and 
have  them  make  sense.” 

Adding  to  the  challenge  is  that  Sutter  maintains  more 
than  100  different  databases;  records  pertaining  to  any  one 
patient  might  be  in  50%  to  60%  of  them,  Hummel  says. 
“There  is  huge,  pent-up  demand  for  a  reasonable  way  to  do 
[enterprise  master  patient  index].  It’s  a  big, hairy  deal.” 

Sutter  wanted  to  create  a  master  patient  index  as  early  as 
1999  but  put  off  the  effort  because  of  the  high  cost.  Other 
healthcare  organizations  have  paid  up  to  $1  million  per 
hospital  to  retrofit  patient  systems  to  a  new  master  record 
schema,  Hummel  says.  Sutter  was  determined  to  avoid 
going  that  complex  route. 

The  company  found  an  alternative  in  Initiate  Systems’ 
Identity  Hub  software.  Because  the  product  links  data 
from  disparate  systems  without  requiring  changes  to  exist¬ 
ing  records,  Sutter  says  the  project  costs  are  significantly 
less  than  they  would  be  with  other  options.  He  estimates 
that  it  will  cost  about  $4  million,  or  $1  per  patient. 

Last  year  Sutter  began  rolling  out  the  Initiate  software  to 
three  of  its  30  hospitals.  By  2006,  Hummel  expects  to  have 
expanded  the  implementation  across  nearly  all  the  Sutter 
Health  network. 

More  stalled  IT  projects  are  getting  done  these  days, 
analysts  say.  One  reason  is  the  improving  economy 

In  its  most  recent  TechStrat  Survey,  published  in  late 
February;  Merrill  Lynch  found  CIOs  are  more  optimistic 
than  they’ve  been  in  years.  Among  respondents,  73%  say 
their  business  is  getting  better  —  the  highest  percentage 
since  2001,  according  to  the  firm. 

As  a  result,  38%  of  respondents  say  their  CFO  is  loosen¬ 
ing  the  purse  strings.  Roughly  one-third  are  spending 
more  on  IT  because  they  haven’t  bought  much  for  three 
years,  Merrill  Lynch  says.  The  availability  of  affordable 
technologies  also  is  spurring  investment,  users  say 

For  Mother  Jones,  a  content  management  system  was  on 
the  “impossible  list"  until  the  nonprofit  media  company 
found  a  suitable  product  with  a  reasonable  price  tag,  says 
Ld  Homich,  product  manager  at  the  San  Francisco  com¬ 


pany  With  a  new  hosted  content  management  system  from 
software  maker  Atomz,  the  IT  team  can  make  site-wide 
changes  in  a  matter  of  minutes.  Before,  it  took  more  than  a 
month  to  make  a  universal  change  to  all  site  content 
because  Mother  Jones  had  many  different  —  and  discon¬ 
nected  —  content  sources,  he  says. 

Additionally  the  Atomz  software  doubles  the  available 
space  on  Mother  Jones’ Web  pages  for  sponsorships  and 
advertising  —  a  feature  that  helps  further  justify  the  prod¬ 
uct  rollout,  Homich  says. 

Mother  Jones  declined  to  say  how  much  it  is  paying  for 
its  new  content  management  system,  though  Atomz  says 
typical  pricing  for  application  access  and  technical  sup¬ 
port  ranges  between  $50,000  and  $150,000  per  year. 

Spending  to  boost  service 

AMR  Research  found  66%  of  IT  executives  polled  in 
January  are  increasing  their  IT  budgets  in  2004,  compared 
with  only  47%  in  a  poll  conducted  last  fall.  Among  respon¬ 
dents,  48%  say  that  customer-driven  issues  will  have  the 
greatest  influence  on  IT  investments  over  the  next  year. 

Mills  &  Reeve  agrees  —  the  British  law  firm  is  going 
ahead  now  with  a  CRM  project  that  it  has  mulled  over  for 
years.  But  in  this  case  money  was  less  of  an  obstacle  than 
mindset,  says  Duncan  Ogilvy,  knowledge  management 
partner  at  the  firm’s  Cambridge  office. 

The  firm  knew  it  needed  software  to  help  manage  its 
client  information. When  Mills  &  Reeve  was  founded,  it  was 
small  enough  that  the  partners  could  get  together  once  a 


SNAPSHOT:  SUTTER  HEALTH 

Company:  Network  of  30 

hospitals  with  4  million  patients. 

Headquarters:  Sacramento,  Calif. 

IT  budget:  2%  of  net  revenue;  $100 

million  in  2003. 

IT  staff:  972  personnel. 

Current  IT  priorities: 

•  Creating  enterprise  master  patient 
index. 

•  Investigating  a  patient  barcode 
system. 

•  Enabling  video  and  electronic 
monitoring  of  critically  ill  patients. 

t  1  IfA'f 

OHMS  . 

•  Upgrading  existing  frame  relay 
network  to  ATM  and  MPLS. 


week  and  share  information  about  clients,  project  status 
and  legal  news,  Ogilvy  says.  Now  that  the  250-lawyer  firm 
maintains  offices  in  four  cities  and  lawyers  tend  to  spe¬ 
cialize  more,  it’s  hard  to  keep  partners  abreast  of  what’s 
going  on  across  the  firm’s  core  practice  groups. 

Client  information  sits  in  four  major  repositories,  and  the 
firm  has  been  inefficient  about  tying  together  those  sys¬ 
tems,  Ogilvy  says.  That  has  led  to  errors  —  sending  corre¬ 
spondence  to  an  ex-client,  for  example. 

In  addition,  the  firm  has  not  been  systematic  in  the  way  it 
approaches  new  business  or  takes  advantage  of  cross-sell¬ 
ing  opportunities.“We’ve  failed  to  learn  as  an  organization 
what  we  know  as  individuals,”  he  says. 

CRM  software  offered  a  way  to  keep  Mills  &  Reeve’s  client 
information  organized  —  from  the  mundane, such  as  con¬ 
tact  information,  to  the  strategic,  such  as  who  in  the  firm 
has  a  relationship  with  a  client.  But  until  the  firm  commit¬ 
ted  to  using  the  software  and  took  steps  to  clean  up  its 
data,  the  CRM  project  team  wouldn’t  give  the  go-ahead, 
Ogilvy  says. 

“The  test  was  our  willingness  to  get  ourselves  into 
shape,”  Ogilvy  says.  Having  secured  senior-level  commit¬ 
ment  to  the  project,  Mills  &  Reeve  chose  CRM  software 
from  Interface  Software  at  the  end  of  last  year  and  is 
designing  a  pilot  project.  He  says  he  expects  the  project 
to  cost  about  $720,000, “which  is  significant  for  a  firm  of 
our  size.”  Most  of  the  cost  is  associated  with  the  time  the 
firm  will  spend  inputting  data  and  maintaining  the  sys¬ 
tem,  not  with  license  fees.  ■ 


John  Hummel,  CIO,  Sutter  Health 
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Cyclades'  data  center  management  solutions  offer  a  full  range 
of  security  features  across  its  entire  product  line  of  console  servers, 
power  management,  KVM,  biometric  scanner  and  network  management. 

With  SSH  v2,  IP  Filtering,  strong  authentication,  event  logging  and 
data  logging,  Cyclades  can  make  your  network  into  a  secure 
heavyweight  contender  in  the  data  center  world. 

For  a  FREE  white  paper  on  data  center  security,  please  visit  us  at  www.cyclades.com/securitywp 


Fingerprint  Authentication  Scanner 

AlterPath™Bio 


Enterprise  KVM  Solutions 

AlterPath“KVM 


Advanced  Console  Servers 

AlterPath,MACS 


Network  Management  Gateway 

AlterPath™  Manager 


Intelligent  Power  Distribution  Units 

AlterPath™  PM 
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Who's  Protecting 


Your  HetworkP 


GTA's  Firewall  Team 

Tough  Network  Security 


✓  Building  Firewalls  for  over  10  years 

✓  ICSA  4.0  Corporate  Certification 

✓  5  appliances  to  match  your  network  needs 

✓  Easy,  Flexible  Implementation  Options 

✓  IPSecVPN 

✓  Affordable  pricing 


Global 
Technology 
Associates,  Inc. 


1-800-775-4GTA  •  www.gta.com  •  lnfo@gta.com 


Anywhere,  Anytime  Secure 
Console  Port  Management 


Download  your  free  guide! 

8  Key  Reasons  Why  Administrators 
Rely  on  Console  Port  Management 
Solutions  at  www.equinox.com/ccm4 

For  a  30-day 


When  business  critical  servers  or  networks 
malfunction,  the  Equinox  CCM  console 
manager  gives  you  the  tools  to  securely 
and  quickly  restore  normal  functionality. 


Available  in  8  and 
16-port  models. 

Call  for  more  details 
on  48-port  model. 


Power 

Control 


Linux  Server 
Windows  Server 
Unix  Server 
Switch 


AVWorks™  management  software  and 
the  CCM  console  manager  integrate 
with  Avocent’s  KVM  over  IP  switches 
and  intelligent  power  controllers  to 
offer  total  data  center  management 
from  a  single  application. 


With  the  CCM  you  can: 

■  Be  organized 

■  Tighten  security 

■  Manage  users 

■  Establish  permissions 

■  Be  proactive 

■  Log  critical  events 


EQUINOX” 

an  Avocent  Company 


«• — 


CCM  solutions  include: 

■  SSH  v2/Telnet  host 

■  Strong  authentication 

■  Offline  buffering 

■  SUN  break  safe 

■  In/out  of  band  access 

■  Point  and  click  access 


Dial  Access  Client  J  J  Client 

Local  Terminal 

product  evaluation,  call  1-800-275-3500  ext.  247  or  954-746-9000  ext.  247 


CCM1S40 


Serial 


Telnet 

Client 


SSH 

Client 
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APC  solves  top  4  rack  problems. 


Solve  your  most  pressing  rack  problems: 

1)  cabling  nightmares  2)  hot  spots  3)  blown 
circuit  breakers  4)  brand  incompatibility. 

The  APC  NetShelter®  VX  lets  you  easily 


respond  to  future  requirements  and  change. 
Plus,  the  NetShelter  VX  comes  with  the 
"Fits  Like  a  Glove"*  money-back  guarantee 
to  ensure  compatibility  with  all  IT  equipment. 


Whether  you  need  a  simple  solution  or  are 
thinking  big,  you  can  depend  on  just  one  ven¬ 
dor  of  choice.  Visit  us  today  at  www.apc.com. 


.HP/COMPAQ  •  SUN  •  IBM 


GUARANTEED 

COMPATIBILITY 


DELL  •  CISCO  •  LUCENT 


# "Fits  Like  a  Glove"  guarantees 
that  all  brands  of  EIA-310-D 
compliant  equipment  fit  inside. 


NetShelter® VX  Enclosures  (x-certifiedi 

Next  generation,  high-quality  enclosures 

•  Fully  ventilated  front  and  rear  doors  with  enhanced  ventilation  pattern  maximize  airflow 

•  Overhead,  base  and  side  cable  access  provides  easy,  integrated  cable  management 

•  Rear  Cabling  Channel  (42" deep  versions  only)  allows  for  easy  installation, 
access  and  serviceability  of  both  data  cables  and  power  distribution 

•  Available  in  multiple  configurations:  35.5"  deep,  42"  deep,  beige  or  black 

NetShelter®  Open  Frame  Racks  ix-certifiedi  [4-post oniyi 


Economical  solutions  for  wiring  closets  and  networking  applications 

•  Designed  to  accommodate  networking  devices  such  as  hubs,  routers  and  switches 

•  Industry  standard  7'  high  design  provides  45U  of  equipment  mounting  space 

•  Self-squaring  design  allows  one-person  assembly 

•  Made  of  high-strength  6061 -T6  structural-grade  aluminum 


Rack  Air  Removal  Unit  (ARU)  (x-ofrtififdi 

Heat  removal  for  enclosures  in  IT  rooms  and  data  center  hot  spots 

.  Enables  up  to  7.5kW  of  power  consumption  in  a  rack,  without  taking  up  U  space 
.  Automatic  fan  speed  adjustment  leads  to  greater  energy  efficiency 
.  Dual-power  input  cords  allow  the  unit  to  attach  to  redundant  power  sources 
.  Ducting  kit  to  drop  ceiling  plenum  allows  higher  temperature  from  equipment 
exhaust  to  be  delivered  directly  to  A/C  return  stream 


Power  Distribution  Units ..(x-c.erile.ledl) _ 

Distribute,  monitor,  and  remotely  control  power  in  rack  enclosures 

•  Basic:  Vertically  and  horizontally  mounting  ^ 

with  a  range  of  amps  and  voltages 


•  Metered:  Ability  to  monitor  the  current  draw  and  set  alarm  thresh¬ 
olds  that  when  exceeded,  provide  both  visual  and  audible  alarms 


•  Switched:  Offer  individual  outlet  control,  power  on  and 
off  displays,  current  monitoring,  alarm  thresholds  and 
network  management. 


Environmental  Management  Unit  (x-cfriififd) 

Networked  appliance  enables  management  of  a 
wide  range  of  access  and  environmental  conditions 

•  Browser-accessible  1U  rack-mountable  appliance 

•  Monitor  third-party  devices  via  8  input  contacts 

•  Control  third-party  devices  via  2  output  relays 

•  Early  warning  notifications  to  appropriate  personnel 


LCD  Monitors  (x-p.frtififdi 

1U  rackmountable  integrated  LCD,  keyboard  and  mouse 

•  Occupies  only  111  of  rack  space  compared  to  the  10U 
to  13U  of  space  required  by  a  traditional  CRT  monitor 


Take  the  APC  Rack  Challenge,  find  out  how  the  new 
NetShelter®  VX  outperforms  your  brand  and  get  a  FREE  T-shirt* 

Visit  httpy/promojpcxom  Key  Code  p987y  •  Call  888-289-APCC  x6688  •  Fax  401-788-2797 

E-mail:  esupp<xt@apcc  com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  •  APC1B4EF-USb  •  "First  100  respondents  only. 
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Local  or  Remote  Server  Management  Solutions 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


'A  KVM  switch  allows  single  or  multiple 
(ypirkstations  to  have  local  or  remote  access  to 
..  .  multiple  computers  located  in  server  rooms  or 
t?‘  Ton  tbp  desktop  regardless-  of  their  platforms 
j.,';.-  ^d"  operating  systems.  KVM  switches  have 
rSf  -traditldnaliy  provided  cost  savings  in  reducing 
:  energy  and  equipment  costs  while  freeing  up 
.  valuable- real  estate. 

'  V  .  '  - 

-  Recognized  as  the  pioneer  of  KVM  switch 
1=  technology,'  Rose  Electronics  offers  the 
.  "  industry's  most  comprehensive  range  of 
...  server  management  products  such  as  KVM 
-  switches,  extenders  and  remote  access 
’  solution?.:  Rose  Electronics  products  are 
’  known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 


Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


TO  1000  COMPUTERS 


Raclcview™ 


KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


Rose  Electronics 
10707  Stancliff  Road 
Houston,  Texas  77099 


ROSE  US  4-281  933  7673 

ROSE  EUROPE  444  (0)  1 264  850574 

ROSE  ASIA  4-65  6324  2322 

ROSE  AUSTRALIA  4617  3388  1540 


Connects  up  to  1000  computers  to  a  KVM  station 
Models  for  4,  8,16  computers 
Advanced  visual  interface  (AVI) 

Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 
Connects  to  PS/2,  Sun,  USB,  or  serial  devices 
Converts  RS232  serial  to  VGA  and  PS/2  keyboard 
Free  lifetime  upgrade  of  firmware 
Security  features  prevent  unauthorized  access 
Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 
Easy  to  expand 


# 


ELECTRONICS 


•  Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

•  High  quality  video  up  to  1280  x  1024 

•  Scaling,  scrolling,  and  auto-size  features 

•  Secure  encrypted  operation  with  login  and  computer 
access  control 

•  Advanced  visual  interface  (AVI) 

•  No  need  to  power  down  servers  to  install 

•  Free  lifetime  upgrade  of  firmware 

•  Available  in  several  models 

•  Easy  to  expand 


800  333  9343 

WWW.ROSE.COM 


ACCESS  OVER  IP  OR  LOCALLY 


Web  Based  Boot  Bar 


Yes,  you  can  Switch 
Power  over  the  Internet 


Servers,  routers,  and  other  electronic  equipment  sometimes 
“lock-up,”  often  requiring  a  service  call  to  a  remote  site  just  to  flip 
the  power  switch  to  perform  a  simple  reboot... 

The  NBB  “Mini”  Boot  Bar  Power  Switch,  gives  you  the  ability  to 
perform  this  function  from  anywhere! 

B  Web  Browser  Access  for  Easy  Operation 
B  Telnet  and  Serial  Access 
a  Encrypted  Password  Security 
m  Five  individual  Outlets 
B  Power-up  Sequencing 
sa  On  /  Off  /  Reboot  Switching 
ifi  Versatile  Zero  U  Mounting 
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NETWORK  BOOT  BAR 

LOCATION:  NBB  Live  Demo  Unit 


SWITCH  PANEL  Firmware  Version:  1.01 
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In  order  to  manage  the  equipment  in  all  38  regional 
offices,  Fred  bought  27,000  miles  of  serial  cable. 


LANTRONIX 


V' 


Next  time  he  should  install 
a  Lantronix  Console  Server.... 


Poor  Fred.  Apparently  he  doesn’t 
realize  that  a  Lantronix  Console 
Server  would  make  his  life  a  whole  lot  easier.  It  doesn't  matter  if 
you  have  devices  down  the  hall  or  in  the  Helsinki  Regional  Office, 
a  Lantronix  Console  Server  provides  secure,  remote  access-even 
when  the  company  network  goes  down.  Servers,  routers, 
switches-you  name  it-all  can  be  safely  monitored  and  managed 
anytime,  from  anywhere  in  the  world.  Not  only  will  you  minimize 
downtime,  but  you’ll  no  longer  have  to  jet  a  technician  across  the 
continent  on  one  of  those  "no  fault  found"  boondoggles.  And  you’ll 
save  a  bundle  on  serial  cable  besides. 


To  find  out  more  about  how  a  Lantronix  Console  Server  could  have 
simplified  Fred's  life,  visit  www.NoFredNo.com/nw1. 


Test-drive  the  new  Observer  9  today  and  see  how  it  immediately 
finds  problems  you  didn’t  know  you  had,  optimizes  network  traffic 
and  provides  insight  for  future  planning.  Call  800-526-5958  for 
a  full  featured  evaluation  or  visit  our  website  at 

www.networkinstruments.com/nine  ; 

. 

S'  .  -  X 

Introducing  Observer  9  -Mfc, 

•  New  Application  Analysis 

•  Remote  probes  now  provide  multi-interface  and 
multi-session  support 

•  Industry-first  4G8  packet  capture  buffer  /  .  V  .f: 

•  Wireless  Site  Survey  Modes  a  7-0\ 

•  Nanosecond  resolution 

•  Now  over  450  Expert  Events 

•  SNMP.  RM0N  and  now  HCRMON  support 


OBSERVER 


HAPPEN. 


US  &  Canada  Toll  free:  (800)  526-5958  •  Fax:  (952)  932-9545  • 

•  One  Network  Complete  Control 

NETWORK* 

INSTRUMENTS 


UK  &  Europe:  +44  (0)  1 959  569880 

Wired  to  Wireless  •  LAN  to  WAN 


www.networkinstruments.com/Rhic 
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Custom  Management  Levels 


•  Decode  over  500  protocols 

•  Long-term  network  trending  &  analysis 

•  Real-time  statistics 


EXPERT  OBSERVER 

•  What-lf  Modeling  Analysis 

•  Expert  Analysis 

•  Connection  Dynamics 


OBSERVER  SUITE 

•  Complete  SNMP  device  management 

•  Supports  full  RM0N1,  RM0N2,  HCRMON 

•  Web  Publishing  Reports 


Remote  &  Hardware  Options 


REMOTE  NETWORKING  PROBES 

•  Fully  distributed 

•  Monitor  up  to  64  NICs  simultaneously 

•  New  levels  of  problem  solving  collaboration 


GIGABIT  &  WAN  HARDWARE  OPTIONS 

•  Portable  analyzer  systems 

•  Rack-mount  Probes  ready  to  go 

•  Direct,  passive  link  for  Independent  views 
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Introducing  the  new 
HotBrick  family  of 
lira  walls  &  managed 
secure  switch  i*... 


TTT1  n 


HotBrick 


n  n  - 


Get  your 
Free  Personal 
firewall  software 

www.hotbrick.com/download 


Call  for  more  info  (877)  468-2742 
or  visit  us  online  at  www.hotbrick.com 
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Don't  get  hacked,  get  HotBrick 


Power  Control 
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What’s  Your 


Verify  Amps  Used  per  Circuit 
r  with  Sentry  Input  Current  Monitor 

Precisely  measure  the  current,  in  amps, 


■■pi 

;  •  for  each  power  circuit 


j||Ip 

•  Overcurrent  alarms 

■mm 
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/'  ■ ; •  .  Remote  Measurement  via  IP  or  RS-232 

•  Eocal  Measurement  via  digital  display 
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Server  Technology,  Inc. 


[0^> 


V 

itVw, 


1040  Sandhill  Drive  Reno,  Nevada  89511  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 


In  business  since  1 989,  ASA  builds 
custom  computing  and  storage  solutions 
compatible  with  open-source  OS  (BSD,  Linux)  and 

"also  Solaris  and  Windows.  ASA  has  always  enjoyed  strong 
financial  stability  and  a  loyal  customer  base. 


ASA  —  Custom  Servers  and  Storage 

www.asacomputers.com  •  866-382-5263 

2354  Calle  Del  Mundo,  Santa  Clara,  CA  95054 

For  details/inquiries/customization  email  sales@asacomputers.com 

All  systems  are  pre-loaded  with  any  Linux/BSD  version/distribution  of  your  choice.  On-site  warranty,  cross-ship  options  available. 


MINI  SUPER  For  Clusters 


1U  14"  Depth 

1  of  2  Intel®  Xeon™  processors  2.4  GHz 
Serial,  VGA,  USB  2.0,  Mouse,  Keyboard 
All  ports  Front  Accessible 
1  x  10/100,  1  x  Gigabit  LAN 
51 2  MB  DDR  ECC  (Max  8  GB) 

Options:  CD,  Floppy 


$1249 


NO-FRILLS  STORAGE  SERVER 


6  TB  IDE/SATA  storage  in  5U  ! 

Dual  Intel®  Xeon™  processors  2.4  GHz 
512  MB  DDR  ECC  (Max  8  GB) 

6  TB  IDE  Raid  Storage 
Dual  Gigabit  LAN,  CD 

Options:  Serial  ATA  Drives,  Firewire.  DVDiRW. 
CDRW,  64-bit  OS  configuration,  Additional  LAN, 
Floppy,  Fiber  Gigabit 
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Tel:  877-373-2700 
www.ims-4000.com 


Phonetics,  Inc. 
901  Tryens  Road 
Aston,  PA  19014 


\MS 


<uvZ 


Internal 

UPS 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


Microphone 

for  Sound 
Monitoring 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Control 

Interface 


8  RJ-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/Tire) 


Ethernet 

Port 


Internal  Voice, 
Modem 
&  Pager  Port 


SENSAPHONE® 

IMS-4DOO 


www.opmanager.com  30  Day  Trial 

Download 


AdventNet 


Keep  IT  simple 


ManageEngine 

ty^OpM; 

Network,  Systems  and  Application  Management 


Take  control  of  your  network,  systems  and  application 
infrastructure  before  it  controls  you.  OpManager  provides 
integrated  management  for  IT  infrastructure. 

Move  to  integrated  management.  Try  OpManager  today. 


Available  for  Linux,  Solaris  and  Windows 


WWW.SUITCASE.COM 

Luggage,  Fine  Leather  Goods,  Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo,  Samsonite,  Cross 

10%  discount  for  Network  World  readers 
Enter  code  NWW2004 


Attention  Resellers! 


SECUREMATICS 

The  Right  decision  for  Security  Products 

Best  Source  for  S0NICWALL 
Security  Products! 

LIMITED  TIME  OFFER! 

•  Eam  1  FREE  SonlcU  e*Trainlng 
Class  for  every  $15K  in  SonlcWALL 
purchases  from  Securematics.” 

•  New  SonlcWALL  Resellers  will  receive  1  FREE 
SonlcU  Electronic  Training  Course  with  purchase 
of  any  Demo  Unit 


Securematics  is  a  SonicWALL  Authorized  Distributor  &  Training  Partner 
To  sign  up  for  the  Medallion  Partner  Program,  please  contact  us. 

Call  -  888-746-6700  sales@securematics.com  www.securematics.com 


Production  Tracking  Over  Ethernet 


'bbbbqM] 

BBBBQB 

QBBE5C3B 

BBBBSta 


Eliminate  your  shop-floor 
PCs  with ... 

Ethernet  Terminals  from 
Compute rWise  connected  to 
your  in-house  LAN. 

Capture  production  data 
directly  into  files  on  your 


server. 
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Features  C  Benefits 

•  Interactive  Telnet  Client 

•  TCP/IP  over  10/1  OOBaseT  Ethernet  /  -Iju 

•  Built-in  Barcode  Badge  Reader 

•  Optional  Mag-Stripe  &  RFID  Badge  Reader 

•  Auxiliary  RS-232  Serial  port  '  f4v' 

.  v  -  v  Mm 

•  Customizable  Data  Collection  £9^^  . 

Program  Included 

•  Larger  keyboard  and 
display  sizes  available  „ 
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MS’. gg?  ,apa,  -»>  a»nB»  Instantly  Search  Gigabytes  of  Text  Across 
li  a  PC,  Network,  Intranet  or  Internet  Site 


Publish  Large  Document  Collections 
to  the  Web  or  to  CD/DVD 


♦  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

♦  highlights  hits  in  HTML,  XML,  &  PDF  while  displaying  embedded 
links,  formatting  &fTT?EW&l 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet, 
email,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 


‘The  most  powerful  document  search  tool  on  the  market’ 

-Wired  Magazine 


“Intuitive  and  austere  ...  a  superb  search  tool”  -PC  World 


“Blindingly  fast”  -Computer  Forensics:  Incident  Response  Essentials 


“A  powerful  arsenal  of  search  tools”  -The  New  York  Times 


dtSearch  “covers  all  data  sources ...  powerful  Web-based 
engines”  -eWEEK 


J 

J 

J 

J 


“Searches  at  blazing  speeds”  -Computer  Reseller  News  Test  Center 


In  the  past  two  years,  over  half  of  the  Fortune  15  purchased 
dtSearch  developer  ox  network  licenses. 


1  -800-IT-FINDS 

sales@dtsearch.com 


See  www.dtsearch.com  for: 

♦  hundreds  of  developer  case  studies  &  reviews 

♦  fully-functional  evaluations 


dtSearch 


Industrial-strength.. 
superb"-pc  Magazine 


dtSearch 


Industrial-strength.. 
superb"-pc  Magazine 


dtSearch 


dustrial-strength ... 
merb"-PC  Magazine 


dtSearch 


dtSearch 
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network 


for  CD /DVD 
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Industrial-strength.. 
<unerb"-PC  Magazine 


"Industrial-strength.. 


superb  -PC  Magazine 


♦  from  $2,500 


♦  from  $800 


The  Smart  Choice  for  Text  Retrieval®  since  1991 
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Communicating  through  technology 


THE  NETWORK  SPECIALISTS 


WRC^NET 

«q®» 


WORLDWIDE  PROVIDER 
OF  NETWORK 
HARDWARE 
SINCE  1981! 


letwork  Hardware 


Memory 


•  Tl/El  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
R S 6 0 0 0  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ether n et/T o k e n  Ring 

•  Video/Audio/Hubs/Repeaters 

•  I S  0  -  9  0  0 1 


Toll  Free  866  SITech-1 
630-761-3640,  Fax  630-761-3644 
www.sitech-bitdriver.com  or  www.sitechfiber.com 
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..... — 


To  advertise  in  Network  World's  Marketplace 
call  Jayson  Cooper  at  1.800.622.1  108 


Senior  Developers  needed 
Seeking  qualified  candidates 
possessing  MS  or  equiv.  and/or 
rel.  work  exp.  Degree  must 
include  coursework  in  Object 
Oriented  Programming  and 
Modern  Operating  Systems  or 
related.  Job  duties  include: 
Research,  design  and  develop 
software  systems.  Analyze  and 
develop  feasible  computer  solu¬ 
tions  for  business  propositions 
and  operational  needs  of  clients 
using  modern  operating  sys¬ 
tems.  Troubleshoot  and  debug 
systems  Travel  to  set  up  soft¬ 
ware  systems  and  train  users. 
Work  w /  J2EE,  Webservices. 
Java,  C++.  ASP  and  Perl.  JOB 
IS  LOCATED  IN  SALT  LAKE 
CITY.  UT.  Mail  res.,  trans,  ref. 
&  sal.  reqs  to:  SBI  Group,  Inc., 
410  Townsend  Street,  San 
Francisco,  CA  94107. 


Project  Leader  (Colorado) 
Understand  client  requirements 
to  develop,  test,  implement,  and 
maintain  business  application 
systems  using  VSCOBOL  11, 
COBOL,  JCL,  SAS.  VSAM, 
DB2,  CICS,  SPUFI,  QMF, 
PROEDIT,  PANVALET,  PLAT¬ 
INUM,  XPEDITER,  FILE  AID.  40 
hrs  per  week,  8:00  a.m.  -  5:00 
p.m.,  $57,450  per  year  B.S.  in 
Computer.  Engg  or  related  field 
req'd,  plus  5  yrs  experience  on 
the  job,  or  5  yrs  experience  in 
any  occupation  involving  soft¬ 
ware  engineering  or  similar 
duties.  Application  is  by  resume 
only.  Send  resume  to  Workforce 
Development  Programs,  P.O. 
Box  46547,  Denver,  CO  80202, 
and  refer  to  order  number 
C05071407. 


itcareers.com 
can  solve  the 
labyrinth  of 
job  hunting  by 
matching  the 
right  IT  skills 
with  the  right 
IT  position. 
Find  out  more 
at: 

www.itcareers.com 


Project  Manager,  Alpharetta: 
Manage  deployment  process, 
incl.  design,  development,  coor¬ 
dination  &  maintenance  of  data 
management  system  for  collec¬ 
tion  of  field  data  from  remote 
locations  &  for  client  billing  pur¬ 
poses:  coordinate  data  to  be 
accessed  by  clients  via  corpo¬ 
rate  website  &  24  -hr  automated 
account  inquiries;  manage  inte¬ 
gration  of  recording  equipment 
into  client  locations;  document 
technical  requirements  neces¬ 
sary  for  redesign  of  systems. 
Lead  small  internal  development 
team.  Req:  Bachelors  (or  foreign 
equiv)  in  any  field  +  4  yrs  in  job 
or  as  Project  Manager  -  Data 
Management  Systems  (any 
industry).  Send  resume  to  US 
Energy.  1455  Alderman  Drive, 
Bldg  100,  Alpharetta,  GA  30005. 


Biostatistician 

The  Medical  College  of  Wiscon¬ 
sin  is  seeking  a  Biostatistician. 
The  biostatistician  position  is 
responsible  for  providing  statisti¬ 
cal  analysis  and  programming 
support  for  research  projects. 
Qualified  candidates  must  pos¬ 
sess  a  Master's  degree  in 
Statistics,  Computer  Science, 
Computing  or  Bioinformatics,  as 
well  as  one  year  of  prior  work 
experience  as  a  computer  soft¬ 
ware  professional  and  knowl¬ 
edge  of  bioinformatics  analysis 
tools,  UNIX,  Matlab,  C++,  FOR¬ 
TRAN,  and  statistical  analysis 
packages  SAS,  S-Plus  or  SYS- 
TAT.  Interested  applicants 
please  provide  a  resume  and  a 
cover  letter  with  salary  require¬ 
ments  to:  Medical  College  of 
Wisconsin,  Attn:  Employment 
Office  -  JMC0322,  8701  Water- 
town  Plank  Rd.,  Milwaukee,  Wl 
53226,  Fax:  414-456-6502. 


Corporate  Computer  Services 
(CCS)  has  multiple  openings 
for  System/Programmer  An¬ 
alysts,  S/W  Engineers,  both 
entry  &  experienced  levels 
(minimum  BS).  Skills  in  C/C++, 
VB,  Oracle  are  plus.  We  are 
small  but  we  do  not  lay  off. 
Attractive  wage  w /  benefits. 
Apply  HR@ccsiusa.net.  EOE. 

ShellSoft  seeks  IT  profession¬ 
als  (programmer/system  ana¬ 
lysts,  software  engineers),  pro¬ 
ject  en-gineers.  Our  minimum 
requirement  is  BS.  Good  skills 
using  Oracle,  VB,  SAP,  SQL, 
Java,  C/C++  preferred.  Some 
position  requires  travel.  Please 
send  resume  to  iobs@shell 
softinc.com.  EOE. 


SAP  SYSTEMS  CONSULTANT 
MULTIPLE  POSITIONS 

Analyze  procedures  &  sftwr  req 
&  plan,  design  thru  ASAP  meth¬ 
odology,  using  MYSAP.COM 
Enterprise  Resource  Planning 
Sys  to  meet  GASB  34  &  35  & 
fiscal  req,  &  split  processor  for 
fund  accounting  primarily  for  US 
public  sector.  Integrate,  test,  id¬ 
entify  problem,  consult  &  recom 
solutions.  M-F  8-5  Salary  comm 
w /  exp.  BSc.  Computer  Science 
or  Info  Sys  or  equiv  ed  &  exp  & 
2  yrs  exp  req.  Resume  to 
Labyrinth  Solutions,  Inc.,  8 
Oneida  Road,  Winchester,  MA 
01890 


WebMethods  -  EAI  &  B2B 
Certified  Programmer/Analysts: 
Analyze,  design,  develop,  test, 
implement  &  administer  special¬ 
ized  web  apps.  including  e-pro¬ 
curement  &  supply-chain  solu¬ 
tions  in  Web  Methods  4.6  and 
6.0.1.  &  Java  suites,  JDE  One 
Worid/SAP  Adapter.  Oracle.  MS- 
SQL,  Rational  tools,  EDIINT 
(AS2),  RNIF  1.1  Web/Apps.  on 
Servers  (WebLogic,  Net  dynam¬ 
ics,  Apache  -  Tomcat,  Jboss)  in 
various  OS.  Send  resume  to 
Attn  Position  101/2004,  66 
Perimeter  Center  East,  Ste.  600, 
Atlanta,  GA  30346.  EOE 


F/T  Instructional  Technology 
Database  Support  Developer 
Responsible  for  assisting  faculty 
in  using  available  technology  to 
enhance  teaching  and  learning 
using  Tango  4.5  middleware  and 
Dreamweaver.  Maintain  and 
extend  currently  available  learn¬ 
ing  technologies  and  promote 
their  wide  and  effective  use. 
Design,  create,  develop  and 
maintain  customized  database- 
driven  information  and  decision 
support  systems  and  solutions 
using  40.  ERDs,  and  Relational 
Database  Management  System. 
Develop  and  maintain  online 
learning  services.  Server  main¬ 
tenance  and  administration. 
Customize  database-driven  sys¬ 
tems  development  using 
Normalization  and  Banner. 
Educational  background  must 
have  included  the  above  refer¬ 
enced  computer  skills.  Must 
have  a  Master’s  in  Management 
Information  Systems  or  related 
field.  Salary:  Competitive.  Send 
resumes  to:  Dr.  Dwight  Call,  GA 
College  &  State  Univ.,  CBX  049, 
Milledgeville,  GA  31061. 


Senior  Systems  Analyst  Corn¬ 
ing  Incorporated  in  Corning,  NY, 
seeks  Senior  Systems  Analyst 
to  design  and  develop  applica¬ 
tions,  infrastructure  and  informa¬ 
tion  management  systems  that 
meet  business  requirements. 
Requires  Bachelor's  degree  in 
Information  Management,  Com¬ 
puter  Science,  Engineering  or 
related  field  and  relevant  experi¬ 
ence  including  work  with  rela¬ 
tional  databases  such  as  Oracle, 
SQL  Server  or  MS  Access,  pro¬ 
gramming  languages  such  as 
Java,  C,  C++,  Visual  Basic  or 
HTML,  and  experience  with 
object-oriented  design.  To  apply 
please  forward  your  resume  to 
stoneer@corning.com  and  refer¬ 
ence  opening  9542. 


Senior  Lead  Systems  Analyst. 
Coming  Incorporated  in  Com¬ 
ing,  NY,  seeks  Senior  Lead 
Systems  Analyst  to  develop  IT 
solutions  by  creating  new  and 
modifying  existing  software  ap¬ 
plications  for  science  and  tech¬ 
nology  organization.  Requires 
Master's  degree  in  Engineering 
or  Computer  Science  and  rele¬ 
vant  experience  in  the  stages  of 
innovation  in  an  R  &  D  environ¬ 
ment,  data  application  develop¬ 
ment  in  Oracle  using  SQL  and/or 
PL/SQL,  and  customizing  Manu¬ 
facturing  Execution  Systems.  To 
apply  please  forward  your 
resume  to  stoneer@corning.com 
and  reference  opening  9544. 


Cydent,  Inc.,  a  provider  of  soft¬ 
ware  services  based  in  Pleas¬ 
anton,  California,  is  looking  for  a 
Senior  Computer  Programmer. 
Job  duties:  Design,  develop,  test 
&  improve  DMS  for  Internet  and 
Intranet  Oracle-based  applica¬ 
tions  by  leading  team  of  pro¬ 
grammers  &  engineers.  Consult 
with  management  personnel  to 
clarify  program  intent,  identify 
problems,  and  suggest  program¬ 
ming  and  coding  required.  Sup¬ 
ervise  and  review  work  of  pro¬ 
gramming  personnel.  Test  run 
programs  and  train  program¬ 
mers.  U.S.  or  foreign  technical 
B.S.  &  5  yrs.  exp.  in  industry 
required.  Please  email  resumes 
to  resumes2004@cydent.com. 


McData  Corp.  seeks  applicants 
for  the  position  of  Software 
Engineer  to  work  in  Sunnyvale, 
CA  and  other  unanticipated  job 
sites  in  the  U.S.  to  develop  Fibre 
Channel  switching  fabric  proto¬ 
col  and  services,  including  vari¬ 
ous  Fibre  Channel  switching 
services  software  components 
to  interface  with  proprietary  net¬ 
work  management  subsystems. 
Requires  master's  in  computer 
science  and  working  knowledge 
of  networking  protocol  and  stor¬ 
age  protocol.  SNMP,  zoning  pro¬ 
tocol  and  failover  algorithm. 
Respond  by  resume  to  Peter 
Whittle,  McData  Corp  ,  380 
Interlocken  Crescent,  Broom¬ 
field,  CO  80021  and  refer  to 
JON  3. 


Principal  (IT  Professional)  need¬ 
ed  for  management  consulting 
and  information  technology  ser¬ 
vices  company  located  in  Lake 
Forest,  IL.  Job  duties  include: 
Analyze,  design,  develop,  imple¬ 
ment,  and  provide  end  user  sup¬ 
port  for  computer  applications 
for  clients  located  throughout  the 
US.  Provide  sustaining  engi¬ 
neering  for  Legacy  systems  with 
client  server  and  web-based 
applications.  Develop  proprie¬ 
tary  and  custom  code  for  con¬ 
nectivity  to  databases  using 
Oracle  and  Sybase.  Use  C++, 
Visual  Basic,  GUI,  Java,  and 
CTI  products  such  as  Genesys 
and  Cisco  ICM  to  accomplish 
tasks.  Applicant  must  have  B.S. 
degree  in  computer  science, 
math,  engineering,  business  or 
physics.  Applicant  must  also 
have  2  yrs.  exp.  in  the  job  duties 
listed  above  or  in  any  computer 
related  occupation  which  in¬ 
cludes  skills  listed  above. 
$81,500/yr.  Send  resume  & 
cover  Itr.  to: 

loyalty_employment@eloyalty.com 
&  refer  to  job  #23464. 


IT  Manager  -  Circulation 


The  Seattle  Times  is  seeking  a  seasoned  IT  Manager  to  direct 
daily  operations  and  strategic  planning  in  our  Circulation  depart¬ 
ment.  This  position  is  responsible  for  development  and  mainte¬ 
nance  efforts  related  to  all  of  our  Circ.  systems  and  developing 
technical  solutions  to  meet  our  business  needs.  The  successful 
candidate  will  have  the  ability  to  balance  priorities,  negotiate  with 
vendors,  collaborate  with  colleagues  across  the  company,  and 
implement  improved  procedures  and  new  technology  for  the 
business.  You  will  have  bottom-line  budget  responsibility  and  will 
be  a  key  member  of  both  Circulation  and  IT  management. 
Qualified  candidates  should  have  5+  years  IT  exp.,  w/at  least  4 
years  in  mgmt  or  6  years  of  proj.  mgmt.  BS/BA  degree  with 
advanced  Business  or  Management  Information  Technology 
degree  preferred  or  equivalent  exp. 

We  are  a  family-owned  and  operated  company  and  support  a 
drug-free  workplace.  EOE.  Learn  more  about  our  company  at 
seattletimescompany.com.  Please  email  your  cover  letter  and 
resume  (single  Word  document)  with  job  title  and  job  #03-251  to: 

st.resumes@seattletimes.com  or  send  to:  The  Seattle  Times 
Employment  /  JOB#03-251  PO  Box  70  Seattle,  WA  98111 


Software  Engineer  wanted  by 
Nuventive,  LLC  to  develop  Java 
Code  (JSP,  Beans.  Classes), 
Write  SQL  (ANSI  SQL,  Transact 
SQL,  PL  /  SQL)  to  access  MS 
SQL  Server  7.0  &  Oracle  9i.  Min 
BS  with  3-yr  exp.  using  Sun  One 
tech,  Apache  Tomcat,  iPlanet 
Application  server  Contact  hr@ 
nuventive.com.  No  calls. 

Hexium,  Inc,  is  a  new  IT  compa¬ 
ny.  It  has  openings  for  software 
engineers,  web  developers,  sys¬ 
tem  analysts.  Qualified  candi¬ 
dates  must  have  BS  with  sub¬ 
stantial  experience  in  ASP.Net, 
SQL.  Travel  may  required. 
Please  apply  at  humanre 
sources@hexiuminc.com.  EOE. 


SAP  Basis  Administrator  to  im¬ 
plement  and  administer  a  multi- 
domain  multi-user  SAP  system 
by  developing  related  security 
procedures,  configuration  of 
SAP  with  multiple  RDBMS,  de¬ 
veloping  landscape  client  proce¬ 
dures  and  implements  SAP 
change  controls  including  cor¬ 
rection  and  transportation  sys¬ 
tems  for  system  performance 
optimization  of  site  to  site  con¬ 
nectivity.  Requires  Bachelor's 
Degree  in  Computer  Science, 
Software  Engineering,  or  Electri¬ 
cal  Engineering  and  one  year 
direct  experience.  Send  resum¬ 
es  only,  no  calls,  to:  Carl 
Guenther,  Corio.  Inc.,  9525  W. 
Bryn  Mawr  Ave,  Ste  110, 
Rosemont,  IL  60018. 


Systems  Analysts:  Design/ 
develop  accntng./financial 
apps.  conforming  with 
FASB  in  Oracle  Financials 
Suite,  Oracle  RDBMS  & 
related  tools,  Forms, 
Reports,  MS  SQL,  Deve¬ 
loper/Discoverer,  Lotus 
Notes  in  various  OS.  Travel 
to  client  sites.  Send 
Resume  to  3100  Breck¬ 
inridge  Blvd.,  Suite  100, 
Duluth,  GA  30096.  EOE. 


Systems  Analyst  required  by 
San  Jose,  CA  based  software 
services  co.  Requires  a 
Bachelor’s  Degree  or  its  foreign 
equivalent  in  Technology  or 
Engineering  in  electronics  or 
computer  science.  Must  be 
skilled  in  TIBCO  Integration 
Platform.  Send  resume  to  HR 
Manager,  Varite,  Inc.,  12  South 
First  Street,  Suite  404,  San 
Jose,  CA  95113,  or  e-mail  at 
Careers@Varite.com 


SYSTEM  ANALYST  III  (Salem, 
NH):  Will  analyze  procedures 
and  problems  to  refine  data  and 
convert  to  programmable  form 
for  electronic  data  processing. 
Will  confer  with  customer  per¬ 
sonnel  to  ascertain  specific  out¬ 
put  requirements.  Will  support 
third  party  applications.  Will 
study  existing  data  handling  sys¬ 
tems  to  evaluate  effectiveness 
and  designs  technical  require¬ 
ments  for  new  and  existing  sys¬ 
tems  to  improve  production  or 
work  flow.  Will  prepare  charts 
and  diagrams  to  assist  in  prob¬ 
lem  analysis  and  submits  rec¬ 
ommendations  for  solution.  Will 
plan  and  prepare  technical 
reports,  memoranda  and 
instruction  manuals  relative  to 
the  establishment  and  function¬ 
ing  of  complete  operational  sys¬ 
tems.  Will  review  existing  opera¬ 
tional  systems  for  cost  effective¬ 
ness,  compliance  to  standards, 
and  flexibility.  Will  act  as  a  men¬ 
tor  to  lower  level  systems  ana¬ 
lysts  and  may  lead  some  pro¬ 
jects.  Requirements:  Bachelor's 
degree  in  Computer  Science  or 
related  field  and  two  (2)  years  of 
experience  in  the  job  offered  or 
two  (2)  years  experience  in  the 
related  occupation  of  system  or 
software  engineering.  Also, 
demonstrated  expertise  using 
the  following:  (1)  BEA  Weblogic 
Application  Server,  (2)  Oracle 
Database  Server  and  UNIX 
administration;  and  (3)  Actuate 
or  Control  M.  Offered  salary  is 
$85, 000/year  for  full-time 
employment  (min.  40  hours  per 
week)  and  standard  company 
benefits.  EEO.  Submit  2 
resumes  and  respond  to  Job 
Order  #  2004-216,  PO  Box  989, 
Concord,  NH  03302-0989. 


Web  Developer/Programmer 

Multiple  positions  available  to 
primarily  develop  web-based 
computer  applications,  applying 
knowledge  of  computer  pro¬ 
gramming  techniques  &  sys¬ 
tems. 

Requirements:  Bachelor's 

degree  in  Computer  Science  or 
related  field.  Must  possess  3 
yrs.  post-baccalaureate  work 
exp.  in  position  offered  or  in 
computer  industry.  Must  be 
knowledgeable  &  proficient  in 
(1)  one  of  the  following  databas¬ 
es  (Oracle,  VSAM.  DB2,  SQL 
Server  or  Teradata):  (2)  JAVA; 
and  (3)  one  of  the  following  high- 
level  languages  (VB/ASP, 
PL/SQL  or  C/C++).  Must  be  will¬ 
ing  to  travel  &  relocate  to  client 
sites  nationwide  frequently. 
Replies  with  Ref  Code  CW2004 
via  email  (Steve. rydzak@sdi- 
worid.com),  fax  (412-221-2388) 
or  mail  (Steve  Rydzak,  SDI 
Technologies,  1373  Washington 
Pike,  Suite  103,  Bridgeville,  PA 
15017) 


Kanbay  is  a  premier  global 
systems  integrator  that  provides 
high-quality,  high-value  solutions 
to  the  insurance,  banking,  credit 
card,  consumer  lending  and 
securities  industries.  We  provide 
a  complete  life-cycle  of  services 
including  program  management, 
business  analysis,  technology 
planning,  architecture, 
application  development, 
maintenance  and  support.  Our 
specialized  services  include 
business  intelligence,  package 
selection,  customization, 
implementation  and  testing. 

The  following  opportunities  are 
based  at  our  corporate 
headquarters  in  Chicago  and 
locations  nationwide. 

We  are  seeking  candidates  with 
technical  skills  in  some  of  the 
following  areas:  JAVA,  J2EE, 
OOAD,  WebSphere,  XML,  .Net, 
Ingenium,  COBOL,  CICS,  DB2, 
JCL,  and  VisionPlus  expertise  in 
an  MVS  environment. 

•  Project  Managers 

•  Technical  Architects 

•  Project  Leads 

•  Sr.  Programmer/ 
Analysts 

•  Associate  Consultant 

For  consideration,  forward 
response  to:  Kanbay,  Inc.,  6400 
Shafer  Cf.,  Suite  100,  Rosemont, 
IL  60018.  Fax:  847-318-0784 

Email:  rstewart@kanbaycom. 
Please  reference  code  CW0304 
in  all  correspondence.  Kanbay  is 
an  Affirmative  Action 
Employer/EOE  organization. 


Kanbay 

www.lcanbay.com 


MAXIL  Technology  Solutions  Inc 
is  seeking  a  Full  time  Program¬ 
mer  Analyst  who  has  Excellent 
knowledge  in  CMM,  IEE,  Soft¬ 
ware  Metrics,  Risk  Manage¬ 
ment,  Requirements  Review. 
Develop  test  Plans,  Change 
Control  and  Configuration  Man¬ 
agement.  Experience  in  white 
box  and  black  box  testing/ 
Manual  Testing.  Experience  with 
a  programming  language  (ASP, 
Cold  Fusion,  Visual  Basic)  is 
required.  Strong  Experience  in 
Database  connectivity  using 
DAO,  RDO,  ADO,  ADO.  NET 
with  backend  as  SQL  Server 
and  Oracle. Experience  in  Ac¬ 
tiveX  component  and  COM, 
DCOM  objects  of  VB.  Education 
Experience:  Bachelors/Masters 
in  Science/Engineering  with 
minimum  of  two  Years  of  experi¬ 
ence  in  Automated  Tools  like 
WinRunner,  Load  Runner,  Test 
Director,  Oracle.  MS  SQL  Server 
and  VB.NET,  Informatica.  Re¬ 
spond  by  Email  to  resumes@ 
maxiltechnology.com/677-853- 
6009(F). 


Computerworld  •  InfoWorld  •  Network  World  •  March  22,  2004 


Programmers  8  Software 
Engineers:  Analyze,  design, 
develop,  test  &  implement  spe¬ 
cialized  apps.  in  (a)  Business 
Objects  8  rel.  product  suite, 
Web  Intelligence,  Imformatica, 
PowerMart,  ASP.  VB,  Crystal 
Reports,  Oracle  8i  8  rel.  tools, 
(b)  PeopleSoft  Supply  Chain 
Mgmt.,  Financial  8  HRMS, 
Oracle  8  rel  tech.;  (c)  SAS 
Suite,  Teradata,  Sybase, 
Informix,  Oracle  9i  8  rel.  tech.; 
(d)  WebSphere,  Peoplesoft 
HRMS,  Oracle  8  rel.  tools,  Java 
8  rel.  tech.;  (e)  MQ  series, 
WebSphere,  XML,  DB2,  Apache 
Server,  Clearcase,  Java  8  rel. 
tech.;  (f)  Vitria  Businessware, 
VisualCafb,  Weblogic,  C++. 
Sybase,  Java  8  rel.  tech.;  (g) 
Oracle,  ADSM,  SQL,  Ablnitio, 
Sybase,  Informix,  Rational 
Clearcase  and  rel.  tools;  (h) 
PeriphonicsProducer  8  other 
Penphonics  products  for  interac¬ 
tive  voice  response  systems, 
SCCS,  C/C++,  Oracle  8i  8 
Genesys  product  suite;  (i)  SAP- 
SEM.  SAP  R/3,  SAP  BW, 
ABAP/4,  SAP  (SD,  MM,  PP)  8 
rel.  tech;  (j)  Oracle,  SQL  Server, 
Cobol,  CICS,  DB2,  IMSDB/DC, 
TSL  8  rel.  tech.  Send  resume  to 
Software  Technical  Services, 
Inc.,  HR,  2021  Fox  Valley  Drive 
SW,  Rochester,  MN  55902, 
identifying  interested  position(s). 
EOE 


Software  Engineers, 
Database  Administrators, 
Network/Systems  Administrators 

Employer:  NaviSite,  Inc 
Date  Posted:  03-11-2004 
Job  Description: 

COMPUTER  --  NaviSite's  repu¬ 
tation  for  innovative  managed 
hosting  and  development  is 
fueled  by  the  talent  of  our 
employees.  We're  looking  for 
skilled,  dynamic  professionals 
who  are  up  to  the  challenge  of 
upholding  our  reputation  for 
great  customer  service  and  in¬ 
novative,  on-time  solutions  to 
customer  needs.  NaviSite,  Inc. 
has  openings  in  occupations 
including;  Software  Engineer 
(systems  and  applications)  JOB 
CODE:  SE3906,  Database  Ad¬ 
ministrator  JOB  CODE:  DA- 
4906,  and  Network/Systems  Ad¬ 
ministrator  JOB  CODE:  SA5906. 
Jobsites  include  Andover,  MA; 
Syracuse,  NY;  Vienna,  VA;  San 
Jose,  CA;  and  San  Francisco, 
CA. 

Cover  letter  and  resume  to 
NaviSite,  Inc.  jnazarian@navis- 
ite.com. 

NaviSite,  Inc 
400  Minuteman  Road 
Andover,  MA  01810 
Attn:  Recruiting 
Requirements:  PLEASE  IN¬ 
CLUDE  JOB  CODE  IN  SUB¬ 
JECT  LINE  OF  E-MAIL. 


COMPUTER  PROFESSION¬ 
ALS:  Radiant  Systems,  Inc.  a 
Nationwide  Technology  provider 
located  in  NJ.CT.TX  8  FL  req 
Professionals  w /  Hardware  8/or 
Software  skills  Incl:  C,C++, 
Java,  JavaScript,  XML,  UML, 
Perl.  HTML,  SQL,  Pro*C, 
VB.PB,  VC++,  MFC,  SDK, 
Gupta-SQL,  Informix, Crystal 
Reports,  Sybase,  Dev  2000, 
Lotus  Notes,  Unix,  Win 
NT/95/XP,  RTOS,  Sun  OS,  Help 
Desk/PC-Support,  SAP,  R/2- 
R/3,  ABAP/4.  SAP  Scripts, 
PeopleSoft,  IDMS,  AS/400, 
COBOL/CICS/DB2,  MVS, 
RPG/400,  SQA,  Win/Load 
Runner,  SNMP,  CORBA,  ASP, 
Active-X,  DTM/TDMA,  FDMA, 
Routers,  DSP/ATM,  FRAME 
RELAY.  TCP/IP,  ISDN,  DCOM, 
COM.  PL/1,  SAS,  Vx-Works, 
VHDL,  SONET/SDH.  SNMP,  HP 
OpenView,  Proj  Mgr,  Tech 
Writers  Candidates  w/a  BS(or 
equiv)  8  2yrs  exp.  as  P/A  and/or 
MS  (or  equiv)  8  lyr  exp.  as  S/E. 
Travel  8  reloc  .req.  to  anywhere 
in  USA  as  assigned.  Excel 
Benefits.  E-Mail:  radiants@radi- 
ants.com  Attn  H  R  Dept  109-A 
Corporate  Blvd.,  S  Plainfield, 
NJ  07080. 


Programmers,  Software  Engin¬ 
eers  8  Network/System  Adm¬ 
inistrators:  Analyze,  design, 
deveiop  8  test  apps.  in  (1)  MS 
tech.  including  ASP.NET, 
VB.NET,  C#  8  related  .NET 
tech..  XML,  HTML,  ASP, 
VB/Java  Script,  COM/DCOM, 
SQL  Server,  Crystal  Reports, 
Visual  ActiveX,  BizTalk  8  rel. 
tools;  (2)  SAP  r/3,  ABA  PI  4  pro¬ 
gramming  in  SAP  (BW,  SD,  MM, 
PP  8  FI/CO)  modules,  SAP 
Scripts,  EDI,  Mercator,  Web¬ 
Sphere,  DB2,  Java  8  rel,  tech.; 
(3)  EDI,  HIPAA,  Cobol,  Clarify, 
SQL  Server,  Sybase,  VB,  DB2, 
Oracle.  Java,  VB  8  rel.  tech.;  (4) 
AB-lnitio,  Teradata,  Clarify, 
Oracle,  Toad,  Unix  Shell/Perl 
Scripts  8  rel.  tech.;  (5) 
BroadVision,  Oracle,  JDBC,  J- 
Builder,  Java  8  rel.  tech., 
Netscape  Enterprise,  Weblogic 
8  Jrun  Servers,  Net  Beans, 
Struts  8  Velocity;  (6)  System 
design,  install,  network  8  admin¬ 
ister  AIX,  Solaris  8  NT  based 
servers:  (a)  Apache  Web, 
Websphere  App.,  Veritas 
NetBackup,  Oracle,  MQSeries, 
iPlanet,  Bourne,  Korn,  TCP/IP, 
DB2,  Java,  C,  C++,  BigBrother, 
HumminBird,  Netview  and  relat¬ 
ed  tech.;  (b)  TCP/IP  SNMP  8 
other  network  protocols,  DHCP, 
DNS,  VPN,  Exchange,  SMS, 
Microsoft  Windows/Sun/Linux 
OS  Versions,  Compaq,  Dell,  IBM 
Enterprise/Proxy  Terminal 
Servers  -  [CCNP  8  MCSE 
required];  Send  resume  to  HR, 
1278  Killian  Knoll  Circle,  Lilburn, 
GA  30047,  identifying  interested 
position(s).  EOE 


MAXIL  Technology  Solutions  Inc 
is  seeking  a  Full  time  Program¬ 
mer  Analyst  who  has  Analyze, 
design,  and  developed  applica¬ 
tions  on  the  legacy  based  sys¬ 
tems,  3-4  years  of  experience  in 
AS400  using  Cobol/400,  RPG/ 
400,  CL/400,  QRY/400,  SQL/ 
400  SDA,  DFU,  RLU  and  AL- 
DON  Change  Management 
System  and  databases  like 
DB2/400,  DB2  and  UDB.  Should 
have  extensive  knowledge  in 
design/development  using  CO- 
BOL/400,  CL/400  as  control  lan¬ 
guage  using  OS/400  as  operat¬ 
ing  system  Should  have  3  years 
experience  on  Wheatley  Insur¬ 
ance  (WINS)  application  on 
AS/400.  Should  have  min  1-year 
experience  on  Mainframes  using 
APS-COBOL,  VS  COBOLII  and 
JCL.  Exposure  towards  web 
tech  like  Java,  JSP,  Servlets  and 
HTML  preferred.  Education  8 
Experience:  Bachelors/  Masters 
in  Science/Engineering  with  3-5 
years  of  Industrial  Experience. 
Experience  in  Insurance  appli¬ 
cations  using  WINS,  COBOL/ 
400  and  CL/400  strongly 
desired.  Respond  by  email  to 
resumes@maxiltechnology.com 
/877-853-6009(F). 


Software  Developer  (3  FT  posi¬ 
tions)  to  design  browser  based 
software  applns.;  user  interac¬ 
tion;  reqs.  defn.;  project  plans; 
program  specs.,  code,  unit  inte¬ 
gration,  test  8  create  tech, 
docs.;  design/  develop  database 
tables,  stored  procs.  8  triggers 
in  SQL  Server  2000;  database 
schema,  site  arch.,  site  map  in 
MS  Visio;  document  database 
objects,  Ul  element;  use  object 
oriented  features  inheritance, 
overloading,  polymorphism  8 
interfaces  to  develop  core 
framework  classes;  develop 
XML  docs.  8  cust.  Svc.  for 
maint.  Develop  web-based  n-tier 
applns.  using  ASPNET,  Visual 
Studio.NET,  ADO.NET,  ASP,  VB 
6.0,  Oracle  8i,  MS-Access  2000, 
C #,  SQL  2000,  ODBC,  JAVA¬ 
SCRIPT,  VB.NET,  HTML.  D- 
HTML,  on  windows  95/98/NT/ 
2000/XP.  BS  in  Business/Com¬ 
puter  Science  or  equivalent  +  2 
yr.  exp  in  job  duties  OR  2  yrs. 
software  development  experi¬ 
ence  in  ASP.NET,  C#,  VB.NET, 
COM  +,  XML,  SQL  2000.  Em¬ 
ployer  will  accept  5  yrs.  software 
exp  in  lieu  of  BS.  Comp,  sala¬ 
ries.  Apply:  Intermark.  1800 
Internl.  Park  Dr..  #  500, 

Birmingham,  AL  35243  with 
proof  of  perm,  w/k  authzn. 


Senior  Business  Systems  Ana¬ 
lyst  to  analyze  complex  financial 
business  systems  and  subsys¬ 
tems  installed  in  an  IBM  DB/DB2 
or  other  similar  Oracle  or  Sy¬ 
base  environment  using  devel¬ 
opment  tools  such  as  Powerbuil- 
der,  MQ  Series,  CICS,  VSAM, 
PVCS,  UNIX  Scripts,  Visio, 
PFC,  VB  and  PB  Profiler  to 
insure  that  systems  applications, 
modules  and  subsystems  are 
properly  integrated  with  client 
servers  and  web  based  applica¬ 
tions  and  are  capable  of  trans¬ 
mitting  data  in  various  formats 
based  on  end  user's  require¬ 
ments  in  a  real  time  environ¬ 
ment.  Defines  and/or  documents 
financial  business  systems  re¬ 
quirements  and  writes  functional 
and  technical  specifications. 
Implements  and  supports  sys¬ 
tems  applications  in  a  client 
server/web  application  environ¬ 
ment.  Requires  Bachelor's  De¬ 
gree  in  Computer  Science  and 
two  years  direct  experience.  Job 
location:  Tampa,  Florida.  Send 
resumes  only,  no  calls,  to: 
Cheryl  Franz,  Human  Resourc¬ 
es  Officer,  Household,  Attn: 
International  Human  Resources, 
One  HSBC  Center,  25/F, 
Buffalo,  New  York  14203. 


OPERATIONS  RESEARCH 
SPECIALIST  wanted  by  a  Car 
Rental  co.  in  Parsippany,  NJ. 
Working  with  client  management 
to  examine  existing  methods, 
procedures  and  complex  prob¬ 
lems  to  determine  where 
Operations  Research  tec- 
qniques  can  aid  decision-mak¬ 
ing.  Must  have  a  Master's 
degree  in  Math,  Indust.  Eng., 
Statistics  Operations  Research 
or  related  field.  Must  also  have 
specialized  knowledge  of  vari¬ 
ous  computing  platforms,  specif¬ 
ically  MVS/TSO/JCL/UNIX/SAS/ 
C/Fortran/Sybase/Power¬ 
Builder/  CPLEX,  database  prod¬ 
ucts  and  PC  software  tools.  In 
lieu  of  a  Master's  degree,  we  will 
accept  a  Bachelor's  degree  plus 
two  (2)  yrs.  progressive  exp.  in 
operations  research,  statistical 
methods  and  scientific  program¬ 
ming  skills. 

Please  send  resume  to: 

Cendant  Car  Rental  Group,  Inc 
Human  Resources,  Staffing 
6  Sylvan  Way 

Parsippany,  New  Jersey  07054. 
Fax#  973-496-7584 
cendant.jobsl  3@cendant.com 
Ref#OR-1 . 


System  Administrators  req'd  for 
Chicago,  IL  office.  Design  8 
implement  Firewall  Archi¬ 
tectures,  WANs,  LANs,  ATM, 
Fiber  SAN,  TCP/IP  networks, 
DNS,  SOCKS,  Cisco  PIX, 
CISCO  Routers  and  Foundry 
Load  Balancing;Manage  system 
process  using  C++,  Multithread 
works,  Windows  SDK,  Shell, 
Perl  and  TCL/TK.  Bachelors  or 
equivalent  req’d  in  Computers, 
Engineering,  Math  or  any  relat¬ 
ed  field  of  study  +  2  yrs  of  relat¬ 
ed  exp.  40  hrs/wk.  Must  have 
legal  I  authority  to  work  perma¬ 
nently  in  the  U.S.  Contact  HR 
Manager,  Aster  Telesolutions, 
Inc.,  37053,  Cherry  St,  Ste  103 
Newark,  CA  94560 


Programmer  Analysts  for  Dallas, 
TX  office.  Design  8  Develop 
software  applications  using 
Oracle,  Erwin,  XML,  UML,  C++, 
Interwoven,  Coolgen,  Clear- 
Case,  ClearQuest.  PVCS,  UNIX; 
Bachelors  reqd  in  Computers, 
Engineering,  Math  or  any  relat¬ 
ed  field  of  study  +  2  yrs  of  relat¬ 
ed  exp.  40  hrs/wk.  Must  have 
proof  of  legal  authority  to  work 
permanently  in  the  U.S.  Send 
resume  to  HR  Manager, 
Redsalsa  Technologies,  Inc, 
14001.N.  Dallas,  Parkway.  #550 
Dallas.  TX  75240 


RESEARCH  PROGRAMMER 
University  of  Illinois  at  Chicago 

Administer  UNIX,  Windows  NT 
and  other  servers  used  for 
teaching;  programming;  provide 
instructional  technology  consult¬ 
ing  to  faculty;  help  develop  tech¬ 
nology-based  courses  and  teach 
computer  seminars  and  work¬ 
shops.  The  applicant  should 
have  a  Bachelor's  Degree  in 
Computer  Science  or  related 
field,  and  have  teaching  experi¬ 
ence.  The  successful  candidate 
should  have  two  years  of  com¬ 
bined  experience  in  Windows 
NT,  and  UNIX  system  adminis¬ 
tration,  Webmaster  experience, 
programming  in  HTML,  Perl  and 
C,  and  have  experience  in 
teaching,  course  development 
and  in  using  computer  and 
Internet  technology  in  education. 
Working  knowledge  of  Apache, 
IIS,  Tomcat.  Oracle,  PL/SQL, 
Transact-SQL  and  multimedia 
authoring  tools  are  a  plus. 
Please  submit  resume  by 
4/23/04  to  Mint  Simagrai, 
Academic  Computing  and 
Communications  Center,  1940 
W.  Taylor,  Room  124  (M/C  135), 
Chicago,  IL  60612.  UIC  is  an 
Affirmative  Action/Equal  Oppor¬ 
tunity  Employer. 


IT  Business  Manager,  Wachovia 
Corp.  Charlotte,  NC.  Develop 
and  implement  IT  business  solu¬ 
tions  for  various  business  units 
across  the  bank.  Responsible 
for  overseeing  several  IT  pro¬ 
jects  simultaneously.  Reqs.  BA 
in  Bus.  Admin.  8  2  yrs  exp.  in 
the  pos.  offered  or  as  a  Systems 
Architect  or  Solutions  Architect. 
The  2  yrs  must  incl.  work 
deploying  internet  appls.  in  the 
financial  services  industry,  incl. 
but  not  limited  to  secure  online 
appl.  and  defining  8  delivering 
segment  based  portal  8  appl. 
strategies  w/  a  strong  focus  on 
the  small  business  customer 
segment.  40hrs/wk.  Send  res¬ 
ume  8  cvr.  Itr.  to  Jane  Higgins, 
401  S.  Tryon  Street,  NC  0958, 
Charlotte,  NC  28288.  No  phone 
calls  please. 


Trading  Systems  Developer, 
Charlotte,  NC,  Wachovia  Corp. 
Develop  8  write  computer  pro¬ 
grams  for  fixed  income  and  risk 
mgmt.  systems.  Reqs.  MA  in 
Computer  Science  8  2  yrs  exp. 
in  pos.  offered  or  as  an  Analyst 
Developer  or  Software  Engineer. 
The  2  yrs  must  incl.  work  w / 
trade  processing  concepts  rel.  to 
electronic,  manual  trading,  STP 
and  settlements  8  must  incl. 
designing  and  developing  soft¬ 
ware  appls.  for  fixed  income 
trading  using  C++,  Java  Perl, 
RV  Messaging,  Rouge  Wave, 
Windows  NT,  Unix,  Sybase  in  a 
distributed  computing  environ¬ 
ment.  M-F,  40hrs/wk,  Send  res¬ 
ume  and  cover  letter  to  Edward 
J.  Hayes,  Wachovia  Corp.,  401 
S.  Tryon  Street,  NC0958, 
Charlotte,  NC  28288-0958.  No 
phone  calls. 


PROG.  ANALYST  - 
ORACLE  FINANCIALS 

Dvlp  customized  applns  to 
Oracle  Financials  software 
package.  Upgrade,  patch 
releases  8  test  to  client  specs. 
Integrate  with  Customer 
Relationship  Mgmt  applns  like 
Siebel.  MS  degree  in  Comp. 
Sci.,  MIS  or  Comp.  Engnrg  +  5 
yrs  exp.  in  job  offered  or  in 
Software  Engnrg  w/Oracle 
Financials  reqd.  40  hrs/wk,  OT 
as  reqd,  8am  -  5pm,  $66,730/yr. 
Qualified  applicants  please  sub¬ 
mit  resume  to  Manager,  Butler 
County  CareerLink,  Pullman 
Commerce  Center,  112 
Hollywood  Drive,  Suite  101, 
Butler,  PA  16001-5699.  Please 
refer  to  Job  Order  No.  WEB 
400015. 


IT  Technical  Lead,  Wachovia 
Corp.  Charlotte,  NC.  Lead  IT 
team  that  develops,  creates,  and 
modifies  computer  applications. 
Oversee  budget  preparation  and 
track  IT  project  expenses. 
Reqs.  MA  in  Computer  Science, 
Prod,  or  Mechanical  Eng.  and  2 
years  of  exp.  in  the  pos.  offered 
or  as  a  Software  Engineer  or 
Computer  Programmer.  The  2 
years  must  incl.  working  w/ 
check  imaging  and  online  bank¬ 
ing  systems  using  internet  tech¬ 
nologies  such  as  JAVA, 
WebSphere,  iPlanet  and  UNIX 
and  must  have  included  manag¬ 
ing  an  IT  projects  with  a  budget 
in  excess  of  $1  million. 
40hrs/wk,  Send  resume  8  cvr. 
Itr.  to  Jane  Higgins,  401  S.  Tryon 
Street,  NC  0958,  Charlotte,  NC 
28288.  No  phone  calls  please. 


SENIOR  SOFTWARE  ENGIN¬ 
EER  to  design,  develop  and  test 
various  application  software  and 
web-based  GUIs  for  the  telecom¬ 
munication  industry  using  Object 
Oriented  programming  tech¬ 
niques,  Java,  Servlets,  Applet, 
EJB,  JSP,  J2EE,  Design  Paterns, 
C,  C++,  HTML,  XML,  UML,  Java¬ 
Script,  SQL,  VC++  and  COM/ 
DCOM  under  Windows  NT/95/98 
/2000/XP,  HP-UX,  Sun  Solaris 
and  Linux  operating  systems. 
Require:  B.S.  degree  in  Comput¬ 
er  Science/Engineering,  or  a 
closely  related  field  with  5  yrs  of 
progressively  responsible  exp  in 
the  job  offered  or  as  a  Program¬ 
mer/Analyst  or  Programmer.  Ex¬ 
tensive  travel  on  assignment  to 
various  client  sites  within  the 
U.S.  is  required.  Competitive 
salary  offered.  Apply  by  resume 
to:  Eduardo  Santos,  Custom 
Software  Solutions,  Inc.,  1002 
Williamson  Lane,  Snellville,  GA 
30078;  Attn:  Job  NH. 


PROGRAMMER:  Convert  to 
flow  charts  for  coding:  devel¬ 
op  &  write  programs:  program 
8  maintain  websites.  Req.: 
Bachelor's  in  IT.  (employer 
will  accept  foreign  degree 
equiv.  or  equiv.  in  exp.  or  any 
comb,  of  edu./exp.)  Resume: 
Atlanta  Retailers  Assoc.  LLC, 
3300  Buckeye  Rd.  #  698, 
Atlanta,  GA  30341 . 


Software  Engineer.  Dsgn.  8 
devlp.  supply  chain  ntwrk.  soft. 
Plan  8  dsgn.  SAP  R/3  soft,  w/ 
APOimplem.  to  optimize  cost  8 
profit  based  supply  chain  syst. 
consid.  asset  utiliz.  8  inv.  constr. 
Invlvs.  demand  plan.  8  SNP 
interf.,  creation  of  plan,  areas  8 
books,  SNP  build  plan  gener., 
interf.  of  master  data  8  CIF  to 
R/3,  live  cache  8  datab.  8  soft, 
config.  Work  could  be  in  unan¬ 
tic.  Iocs,  across  the  U.S.  Req. 
are  Bach.  Deg.  in  Comp.  Sci.  or 
Comp.  Eng.+  2  yrs.  exp.  40 
hrs./wk.  $80,000/yr.  Submit 
resume  to  the  Career  Link  at 
1855  New  Hope  St.,  Norristown, 
PA  1940 land  ref.  job  order 
#WEB401097. 


Software  Engineers  needed 
to  dvlp,  test,  implmnt  s/ware 
applies  using  Java,  J2EE, 
EJB,  C++,  DHTML,  XML, 
XSLT,  Struts,  JSP,  Shell 
Scripting,  Oracle,  TCP/IP, 
SONET,  SS7,  X/Motif, 
SilkTest,  WinRunner,  8  Purify 
on  Windows  8  UNIX.  Send 
resume  to:  Global  Consul¬ 
tants,  Attn:  Hireme,  8800 
Grand  Oaks  Cir  #100,  Tampa, 
FL  33637. 


Software  Engineer  for  Tewks¬ 
bury,  MA  based  developer  of 
software  products  for  J2EE  web 
applications,  portlets  and  web 
services.  Requires  Bachelor  of 
Science  degree  in  Computer 
Science,  Computer  Engineering 
or  related  area  and  one  (1)  year 
experience  in  object  oriented 
design  of  web-based  software 
applications  using  Java,  JSP, 
XML  and  relational  databases 
including  configuring  production 
deployment  environments,  con¬ 
ducting  software  requirement 
analysis,  performing  unit  testing, 
developing  software  QA 
processes,  creating  product  and 
technical  documentation  and 
providing  customer  support.  The 
position  is  located  in  Tewksbury. 
MA  with  15%  travel.  Send 
resume  to  Bowstreet,  Inc., 
Human  Resources,  Ad  Code: 
0492,  200  Ames  Pond  Drive, 
Tewksbury,  MA  01876. 


Systems  Software  Engineer: 
Responsible  for  research, 
design,  develop  8  test  oper¬ 
ating  systems  software. 
Translate  clients'  require¬ 
ments  into  Urdu  language 
for  overseas  engineers.  Re¬ 
quire:  BS  in  Computer 
Science/Engineering  +  2 
years  of  exp.  Send  resume 
to:  Memory4Less,  Inc.,  2622 
W.  Lincoln  Ave.,  #104, 
Anaheim,  CA  92801,  Attn: 
HR  Mgr  or  fax  to:  714-821- 
3361. 


Programmer  Analyst  needed  w/ 
exp  in  s/w  applications  using  SQL 
queries,  VC++,  C#  8  ASP.NET. 
Work  on  XML  based  EDI  applica¬ 
tions  using  Java,  J2EE,  XSL,  SQL 
Server,  ADO.NET  8  .NET  technol¬ 
ogies  on  Unix  8  Windows  plat¬ 
forms. 

Programmer  Analyst  w/exp  in  mul¬ 
tithreaded  programs  using  ASP, 
IIS, C++,  VC++,  MFC,  Win32  SDK, 
ODBC,  GUI,  WinSock,  SQL  Ser¬ 
ver,  Windows  NT/2000  8  frontend 
tools. 

Programmer  Analyst  w/exp  in  us¬ 
ing  C++,  Java,  HTML,  XSL/XML, 
Java  Script,  PL/SQL,  Windows  8 
Unix.  Integrate  legacy  appl.  using 
VITRIA  8  interface  with  Oracle. 
Mail  resumes  to:  Compu-lnfo,  410 
Kingston  Road,  #2A,  West 
Kingston,  Rl  02892. 


K8M  Softech  is  looking  for  pro¬ 
grammer/system  system,  soft¬ 
ware/project  engineers  or  IT  pro¬ 
fessionals.  Both  entry  8  experi¬ 
enced  levels  needed.  Some 
positions  require  travel.  Skills  in 
C/++.  VB,  Java,  Oracle,  SAP. 
SQL  are  plus.  Please  send 
resumes  to  Recruit@kmsof 
tech.com.  EOE. 

Software  engineers/system  ana¬ 
lysts  wanted  by  ASI  DataMyte. 
Candidates  must  have  BS  with 
min  one-yr  exp  to  develop  GUI 
and  server  database  systems. 
Skills  in  VC++,  Java,  VB,  Oracle 
preferred.  We  offer  competitive 
wage  with  full  benefit.  Apply  at 
hr@asidatamvte.com.  EOE.  No 
calls. 


Project  Leader.  Corning  Incor¬ 
porated  in  Corning,  NY,  seeks 
Project  Leader  to  develop  and 
support  information  technology, 
business,  manufacturing  and 
quality  systems  for  science  and 
technology  organization.  Re¬ 
quires  Bachelor's  degree  in  Infor¬ 
mation  Management,  Computer 
Science,  Engineering  or  related 
field  and  relevant  experience 
including  management  of  IT- 
related  projects,  programming 
languages  such  as  Java,  C.  C++, 
Visual  Basic  of  HTML  and  appli¬ 
cation  development  using  rela¬ 
tional  databases  such  as  Oracle, 
MS  SQL  Server  or  MS  Access. 
To  apply  please  forward  your 
resume  to  stoneer@corning  com 
and  reference  opening  9543. 
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Sana  Security 
SealedMedia 
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These  indexes  are  provided  as  a  reader  service.  Although  every 
effort  has  been  made  to  make  them  as  complete  as  possible,  the 
publisher  does  not  assume  liability  for  errors  or  omissions. 
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SEMINARS  EVENTS 


Network  World  Seminars 
and  Events  are  one  and  two 
day.  intensive  seminars  in 
cities  nationwide  covering 
the  latest  networking  technologies  All  of  our  seminars  are 
also  available  for  customized  on  site  training.  For  complete 
and  immediate  information  on  our  current  seminar  offerings, 
call  a  seminar  representative  at  800-643-4668.  or  go  to 
www.nwtusion.com/seminars. 


Publicize  your  press  coverage  in  Network 
World  by  ordering  reprints  of  your  editorial 
mentions.  Reprints  make  great  marketing 
materials  and  are  available  in  quantities  of 
500  and  up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399-1900  x129 
or  E-mail:  mshober@reprintbuyer.com 
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Internet:  adoucette,  jkalbach,  sbuckler,  sgutierrez,  dlovell, 
kdouglas,  lthompson@nww.com 
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director  at  The  Yankee  Group. 

MCI  introduced  its  Secure  Internet  Gate¬ 
way  (SIG)  service  last  May  and  promised 
to  follow  up  with  two  specific  enhance¬ 
ments  The  carrier  met  its  original  goal  of 
supporting  dial-in  VPN  access  within  MCI’s 
network,  rather  than  requiring  users  to 
connect  to  a  Nortel  Contivity  device  at  the 
customer  premises. 

But  as  the  company  prepares  to  emerge 
from  bankruptcy  next  month,  it  is  falling 
short  on  providing  customers  with  the  abil¬ 
ity  to  marry  multiple  VPN  services  using 
SIG.The  service  is  expected  to  allow  a  cus¬ 
tomer  to  connect  his  Private  IP  Dedicated 
IP  VPN,  frame  relay  and  ATM  networks 
using  SIG  to  support  secure  IPSec  tunnel¬ 
ing  across  all  environments.  MCI  says  it  has 
run  into  a  technical  snag. 

“Interworking  [IPSec]  tunnel  monitoring 
became  our  primary  challenge,”  says 
James  Williams,  senior  manager  for  data 
network  engineering  at  MCI.  “The  tunnels 
provide  a  path  through  the  public  Internet 
to  our  network  to  reach  the  [customer 
premises  equipment]  .That  tunnel  needs  to 
be  monitored  to  know  if  its  up  or  down.” 

MCI  soon  realized  this  task  was  impossi¬ 
ble  because  of  proprietary  IPSec  imple¬ 
mentations  from  the  three  vendors  it’s 
working  with  to  support  this  service. Those 
vendors  are  Cisco,  Lucent  and  Nortel. 

MCI  turned  to  the  IETF  which  was  work¬ 
ing  on  a  draft  specification  to  address  the 
issue  dubbed  Dead  Peer  Detection.  In  Feb¬ 
ruary  the  IETF  issued  RFC  3706,  an  infor¬ 
mational  protocol  document  that  outlines 
a  method  for  network  administrators  to 
determine  if  an  IPSec  tunnel  is  no  longer 
connected,  says  Paul  Hoffman,  director  of 
the  VPN  Consortium.  Dead  Peer  Detection 
is  one  of  several  keep-alive  mechanisms 
used  with  IPSec  so  a  carrier,  in  the  case  of 
MCI,  would  know  instantly  if  a  tunnel  goes 
down. 

All  three  vendors  are  working  on  new 
code  that  will  support  RFC 
3706.  “We  expect  to  see  code 
within  the  month  from  the 


three  vendors,”  MCI’s  Williams  says. 

Nortel  says  code  that  supports  RFC  3706 
for  its  Shasta  5000  BSN,  which  is  the  gate¬ 
way  device,  is  expected  next  month.  Cisco, 
the  author  of  the  draft,  currently  supports 
RFC  3706  in  its  VPN  gear.  But  Lucent  isn’t 
expecting  to  deliver  RFC  3706  support  in  its 
VPN  products  until  May 


“Phase  two  pushed  out  all  activities.  Get¬ 
ting  interworking  out  the  door  was  our  first 
priority’ Williams  says. “We  have  continued 
to  work  on  the  firewall  behind  the  scenes, 
but  maybe  not  with  as  much  energy’ 

MCI  also  has  lost  some  footing  with  its 
MCI  Advantage  VoIP  services  for  business 
customers.  The  carrier  said  last  May  that  it 


Waiting  for  advanced  services 


MCI  has  hit  a  variety  of  snags  as  it  has  tried  to  roll  out  its  converged 
services  since  last  year. 


Service 

Secure  Internet 
Gateway  Private  IP 

Initial 

promise 

October  2003 

Blame  for  delay 

Interoperability  between 
multivendor  IPSec 
devices. 

Current 

promise 

April  2004 

Secure  Internet 
Gateway  Network 
Firewall 

Year-end  2003 

Focusing  on  SIG  Private 

IP  support. 

Year-end  2004 

MCI  Advantage 
over  Private  IP 

July  2003 

Ensuring  service  works 
well  before  rollout. 

March  2004 

MCI  Advantage 
outside  U.S. 

Year-end  2003 

Put  energies  toward 
refining  domestic  offering. 

Fall  2004 

MCI  has  decided  to  move  ahead,  tem¬ 
porarily  without  RFC  3706. 

“We  will  be  able  to  [offer  a]  complete 
product  interworking  suite  through  IPSec 
tunnels,  but  not  through  a  standards  based 
method  in  April,”  says  Jim  DeMerlis,  MCI’s 
vice  president  for  data  and  IP  services.The 
carrier  will  then  migrate  to  standards¬ 
based  support  once  it  has  a  chance  to  test 
all  of  the  software. 

And  while  MCI  is  late  delivering  on  its 
promised  schedule, its  competitors  also  are 
not  offering  a  service  that  lets  customers 
link  all  of  their  VPN  and  data  services 
seamlessly  AT&T  says  it  will  have  this  ser¬ 
vice  available  toward  the  end  of  the 
month,  but  the  carrier  has  not  announced 
the  offering. 

MCI’s  third  phase  of  SIG,  which  was  slated 
for  availability  at  the  end  of  last  year,  in¬ 
cludes  a  network-based  firewall  for  an 

et  more  information  online.  added  level  of  security  MCI 
ocFinder:  1250  now  says  this  feature  will  roll 

ww.nwfusion.com  out  by  year-end. 


would  support  MCI  Advantage  over  its 
Private  IP  service  by  July  2003.  But  soon 
after  its  assertion  in  May,  the  carrier 
changed  the  delivery  date  to  year-end 
internally  Now  that  feature  is  expected  to 
be  delivered  this  month. 

AT&T  announced  a  similar  service  last 
year  and  says  it’s  on  target  to  deliver  its 
Network  VoIP  VPN  service  in  May.  Sprint 
expects  to  announce  VoIP  services  over  its 
SprintLink  Frame  Relay  service  later  this 
year. 

MCI  also  promised  to  deliver  its  MCI 
Advantage  service  internationally  by  the 


end  of  last  year. 

“That  date  was  moved,”  says  Sharon  Kas- 
imow, director  of  MCI  Advantage.’There  is  a 
finite  amount  of  capital  and  engineering 
resources. We  have  to  prioritize  products.” 

“We  wanted  to  do  some  things  domesti¬ 
cally  and  determined  to  pull  our  service 
together  and  tighten  it  up  before  taking  it 
overseas,  rather  than  have  a  lesser  product 
in  multiple  countries,”  Kasimow  says. 

MCI  moved  quality-of-service  support 
from  the  customer  premises,  where  it  was 
using  a  traffic-shaping  device  from  Si  tar,  into 
the  network.  “There  were  bandwidth 
restraints  with  the  Sitar  device,”  Kasimow 
says.The  network-based  mechanism,  which 
MCI  built  internally  allows  for  traffic  prioriti¬ 
zation,  whereas  the  Sitar  device  focused 
more  on  the  size  of  packets,  she  says. 

Now,  MCI  Advantage  is  expected  to  roll 
out  overseas  by  early  fall, she  says. 

AT&T  says  it’s  offering  business-grade 
VoIP  services  in  40  countries.  Sprint  says  it’s 
planning  to  launch  a  suite  of  business  VoIP 
services  later  this  year. 

“[MCI]  needs  to  get  out  in  front  of  the 
public  to  show  they  are  an  innovator,  but 
they  also  are  very  constrained  on  re¬ 
sources,”  says  David  Willis,  analyst  at  Meta 
Group.“They  have  lost  40%  of  their  business 
over  the  last  two  years.” 

Earlier  this  month  MCI  restated  its  rev¬ 
enue  for  2000,2001  and  2002.  The  carrier 
had  revenue  of  $39.3  billion,  $37.7  billion 
and  $32.2  billion,  respectively  And  revenue 
continued  to  drop.  The  carrier  reported 
revenue  of  $24.1  billion  in  2003,  and  that 
was  before  announcing  the  sale  of  its  Latin 
American  division  Embratel,  which  made 
up  11.2%  of  its  annual  revenue  in  2002. 
“This  is  not  the  time  to  lose  credibility  with 
your  customers,”  Willis  says.  ■ 
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showdown 


Log  on  March  29  to  participate  in  an  online  debate  featuring  six  vendors. 

We’ve  challenged  Airespace,  Aruba,  Cisco,  Extreme,  Symbol  and  Trapeze  to  duke  it  out 
in  a  weeklong  online  debate, discussing  everything  from  why  they  matter  to  technical 
product  differences.  On  March  29,  we’ll  past  the  first  round  of  vendor  answers  to  questions 
from  Network  World  Senior  Editor  John  Cox  and  Craig  Mathias, principal  of  the  Farpoint 
Group.Tuesday  and  Wednesday  the  vendors  will  get  the  chance  to  question  each  other, 
and  Thursday  and  Friday  we  throw  the  doors  open  for  questions  from  you.  So  log  on 
to  www.nwfusion.com  and  follow  what  is  shaping  up  to  be  a  lively  debate. 


Survey:  User  annoyance 
grows  along  with  spam 


BY  JOHN  FONTANA 


Users’  dissatisfaction 
with  e-mail  is  on  the  rise 
because  of  spam,  and 
recent  legislation  ap¬ 
pears  to  be  doing  noth¬ 
ing  to  curb  the  influx  of 
the  electronic  junk  mail, 
according  to  a  new 
study  by  the  Pew  In¬ 
ternet  &  American  Life 
Project. 

The  survey  shows  that  86%  of  e-mail  users 
reported  some  level  of  distress  with  spam. 

Anti-spam  vendor  Postini  says  spam 
accounts  for  nearly  75%  of  all  e-mail  traffic 
today  The  influx  is  taking  its  toll  on  e-mail 
users,  who  continue  to  see  their  in-boxes 
bloat  with  unsolicited  e-mail. 

In  the  study,  29%  of  e-mail  users  say  they 
have  reduced  their  overall  use  of  e-mail 
because  of  spam,  an  increase  of  4%  over 


63% 


of  e-mail  users  say  the 
influx  of  spam  has  made 
them  less  trusting  of 
e-mail  in  general.  Last 
year,  only  52%  made 
that  claim. 

SOURCE-  PEW  INTERNET  A 
AMERICAN  LIFE  PROJECT 


last  year.  And  63%  says 
the  influx  of  spam  has 
made  them  less  trusting 
of  e-mail  in  general.  Last 
year,  only  52%  made  that 
claim.  To  highlight  the 
impact  that  spam  is  hav¬ 
ing  on  the  Internet,  77% 
said  spam  makes  the  act 
of  being  online  unpleas¬ 
ant  and  annoying,  which 
is  up  from  70%  last  year. 

Lee  Rainie,  director  of  the  Ftew  Internet 
Project,  concluded  in  the  survey  conduct¬ 
ed  last  month  that  the  vast  majority  of 
e-mail  users  are  not  getting  much  help 
from  the  CAN-SPAM  Act,  the  nation’s  first 
anti-spam  legislation. 

The  study’s  results  were  based  on  a 
national  phone  survey  with  2,204  Ameri¬ 
can  adults,  of  whom  1,371  were  Internet 
users.  The  margin  of  error  was  plus  or 
minus  three  percentage  points.  ■ 
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Ethernet  products  and  manage¬ 
ment  modules  that  support  VPN 
and  VoIP  networks,  at  the 
CeBit  conference  in  Hannover, 
Germany. 

The  announcements  signal  an 
effort  by  Cisco  to  better  articu¬ 
late  its  data  center  network  strat¬ 
egy,  says  Zeus  Kerravala,  an  ana¬ 
lyst  with  The  Yankee  Group. 

“I  hadn’t  seen  much  of  a  high- 
level  enterprise  vision  from  Cisco 
over  the  last  18  months,”  he  says. 
“They’ve  been  doing  a  lot  of  spot 
product  announcements,  but  this 
launch  across  the  Catalyst  family 
really  boosts  their  overall  IP  com¬ 
munications  story’ 

Some  industry  watchers  have 
criticized  copper  10G  technolo¬ 
gy  as  being  too  short  in  range  — 
50  feet  or  less  —  and  for  running 
over  1BX4  (four-pair,  twin-axial 
cabling,  similar  to  an  InfiniBand 
cable),  which  is  less  common 
than  Category  5  or  6  cabling, 
which  supports  1 0/ 100/1 000 M 
bit/sec  Ethernet.  But  Kerravala 
says  the  price  is  right  vs.  fiber- 
based  10G  offerings  and  1G 
trunking.  (The  price  of  fiber- 
based  10G  offerings  is  about 
$7,000  per  port;  eight  Gigabit 
ports  trunked  together  costs 
about  $1,000.) 

Cisco’s  10G-BaseCX4  ports  are 
integrated  into  modular  Xenpak 
transceivers,  two  or  four  of 
which  can  fit  into  Catalyst  6500 
blades,  depending  on  the 
model. 

Other  leading  switch  makers 
have  indicated  they  plan  to 
deliver  copper-based  10G  prod- 


A  view  into  VoIP 


HMO  HealthNet  is  using  new  features  in  Cisco’s  Catalyst  6500  Network  Analysis  Modules 
to  remotely  monitor  its  VoIP  network. 


400  call-center  agents  use  Cisco  IP  phones, 
which  run  off  of  a  Cisco  CallManager  IP  PBX 
across  the  WAN  at  HealthNet’s  data  center. 


Net  administrators  monitor  end-to-end  VoIP  traffic 
via  Network  Analysis  Modules  in  Cisco  Catalyst 
6500  switches  at  the  call  center  and  data  center. 


Cisco  IP  phones 


Sacramento,  Calif., 
data  center 
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ucts  but  have  not  announced 
specifics. 

Catalyst  boost 

Cisco  also  announced  a  version 
of  its  Catalyst  3750  10/100/1000 
switch  with  a  fiber-based  10G  up¬ 
link.  Aimed  at  server  cluster 
aggregation,  or  high-end  desktop 
deployments,  the  $20,000  device 
can  be  stacked  with  up  to  10  oth¬ 
ers  to  form  a  virtual  wiring-closet 
switch,  Cisco  says.  Foundry 
Networks  and  Extreme  Networks 
launched  10/100/1000  switches 
with  dual  10G  uplinks  last 
month  and  earlier  this  month, 
respectively 

McGill  University  in  Montreal 
is  using  10G  uplinks  on  Catalyst 
3750s  at  its  music  school 
to  replace  an  older  setup  based 
on  trunking  eight  Gigabit 
Ethernet  links  using  Cisco’s 
EthernetChannel  technology. 


Cisco  issues  security  warning 

Cisco  last  week  warned  that  an  implementation  of  Secure 
Sockets  Layer  on  some  of  its  switches,  routers  and  fire¬ 
walls  could  leave  these  devices  vulnerable  to  denial-of- 
service  attacks. 

The  warning,  posted  on  Cisco's  Web  site,  said  that  some 
hardware  and  software  products  with  HTTPS  servers  run¬ 
ning  OpenSSL  (used  for  management  and  configuration) 
could  be  brought  down  by  an  attack  designed  to  crash  the 
HTTPS  server  on  the  affected  device.  Cisco  posted  informa¬ 
tion  on  how  to  fix  the  problem  (see  www.nwfusion.com, 
DocFinder:  1245). 

Affected  products  include  Cisco  IOS  12.1(1 1)E,  and  12.2SY 
“crypto"  release  versions  and  sub-releases.  Products  running 
this  IOS  image  could  include  Cisco  Catalyst  6500  switches  and 
the  firewall  module  for  the  Catalyst  6500,  Cisco  7100  and  7200 
series  routers;  PIX  firewalls;  Content  Service  Switches  and  the 
MDS  9000-series  storage  switches.  Software  affected  by  the 
vulnerability  includes  CiscoWorks  Common  Services  2.2  and 
Management  Foundation  2.1. 

—  Phil  Hochmuth 


The  network  supports  PCs 
used  to  encode  high-band¬ 
width  recordings. 

“A  single  [  10G]  uplink  is  nice 
because  it  takes  up  less  ports  on 
your  switches  and  uses  less 
fiber,’’ says  Quan  Nguyen,  associ¬ 
ate  director  for  systems  engi¬ 
neering  at  the  university.  “One 
port  is  easier  to  manage  than 
eight.” 

Other  new  hardware  from 
Cisco  includes: 

•  A  management  module  up¬ 
grade  for  the  Catalyst  4500  and  a 
10-slot  version  of  the  4500  chas¬ 
sis.  They  cost  $16,500  and 
$  1 2,500,  respectively. 

•  A  48-port  Gigabit  Ethernet 
module  for  the  Catalyst  6500 
with  all-fiber  connections  and 
priced  at  $25,000. 

•  A  Catalyst  6500  management 
module  daughtercard  that 
triples  IPv4  and  IPv6  routing 
capacity,  priced  at  $12,000. 

•  Eighty-  and  1,000-foot  range 
10G  Ethernet  modules  for  the 
Catalyst  6500  with  multi-mode 
fiber  ports. They  cost  $3,000  and 
$4,000,  respectively. 

Cisco  also  announced  free 
software  upgrades  for  four 
Catalyst  6500  service  modules. 

•  VPN  module  —  Stateful 
IPSec  traffic  failover  between 
modules. 

•  SSL  module  —  Centralized 
key  certificate  storage  and  fail¬ 
over  between  Secure  Sockets 
Layer  modules. 

•  Content  switching  module 
—  Denial-of-service  traffic 
detection  with  Layer  4  to  7 
packet  switching. 
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•  Network  analysis  module 
(NAM)  — VoIP  monitoring. 

HealthNet,  a  Sacramento, 
Calif.,  HMO,  uses  Catalyst  switch¬ 
es  with  NAMs  to  remotely  moni¬ 
tor  VoIP  traffic  performance  and 
voice  quality  at  a  400-seat  cus¬ 
tomer  service  call  center  in  the 
Midwest. 

“Using  the  modules  gives  us 
visibility  into  any  type  of  traffic,” 
says  Jeff  Jacobs,  senior  network 
design  engineer  at  HealthNet. 
“The  kind  of  reporting  and  mon¬ 
itoring  we  can  do  remotely  in 
the  past  would  have  required 
someone  onsite  with  tools  like  a 
network  sniffer.” 

The  upgraded  Catalyst  mod¬ 
ules  in  the  call  center  and  data 
center  lets  Jacobs  and  his  staff 
view  voice  calls  as  they  take 
place.  The  modules  also  send 
alerts  (via  e-mail  and  to  a  cen¬ 
tralized  network  management 
system)  if  traffic  quality  falls 
below  specified  thresholds. 

Cisco  also  announced  firm- 
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ware  upgrades  across  all 
Catalyst  modular  and  fixed-con- 
figuration  switches  that  boosts 
security  at  the  port  level. 

The  Advanced  Integrated  Se¬ 
curity  feature  set  includes  a 
modified  version  of  the  IEEE 
802. lx  standard  for  port-based 
authentication  that  lets  wireless 
and  wired  end  users  authenti¬ 
cate  to  a  network  with  different 
levels  of  access,  depending  on 
pre-defined  network  policies. 
Cisco  says  this  fine-tunes  the 
basic  functionality  of  802. lx, 
which  can  only  permit  or  deny 
access. 

Cisco  also  has  added  the  abili¬ 
ty  to  set  up  Layer  2  access-con¬ 
trol  lists  based  on  PC  and  laptop 
media  access  control  (MAC) 
addresses.  Cisco  says  this  feature 
can  block  flooding,  in  which  an 
attacker  tries  to  bring  down  a 
switch  by  overloading  its  MAC 
address  table  list.  This  can  also 
prevent  “man  in  the  middle”  net¬ 
work  intrusions,  where  attackers 
spoof  a  MAC  address  to  inter¬ 
cept  Ethernet  traffic. 

Chris  Kozup,a  Meta  Group  ana¬ 
lyst,  says  many  of  these  new 
products  and  upgrades  fit  into 
an  end-to-end  network  strategy 
from  Cisco  based  on  the  idea 
that  the  whole  is  greater  than  the 
sum  of  its  parts. 

“It  can  be  good  because  it 
offers  the  ability  to  deploy  end- 
to-end  services  [such  as  VoIP  or 
security]  across  different  plat¬ 
forms  that  can  be  centrally  man¬ 
aged,”  Kozup  says.“But  some  say 
that  when  you  buy  Cisco,  you’re 
forced  into  a  never-ending  cycle 
of  upgrades.”  ■ 
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finished  last  weeks  Backspin  rant 
on  our  corporate  operating  sys¬ 
tem  monoculture  with  the  rather 
odd  question:  Ever  heard  of  the  Irish 
Potato  Famine? 

The  Irish  Potato  Famine  lasted  from 
1846  to  1850  and  about  1  million 
people  —  about  one  in  9  at  the  time 
—  died  from  hunger  and  disease.The  famine  was, 
by  any  standards,  a  disaster  of  biblical  proportions. 

Now  there  are  hundreds  of  varieties  of  potatoes 
but  some  are  more  productive  than  others,  and 
for  this  reason  Irish  farmers  settled  on  a  variety 
called  the  lumper.  As  potatoes  can  be  easily  prop¬ 
agated,  what  the  Irish  wound  up  with  were  many 
crops  of  genetically  identical  clones  —  they 
created  a  monoculture. 

Then  in  1845  the  fungus  Phytophthora  infestans, 
which  is  responsible  for  a  disease  called  potato 
blight,  appeared  in  Ireland.  Some  varieties  of  potato 
are  less  susceptible  to  potato  blight  than  others  — 
unfortunately  the  lumper  was  not  one  of  those. 

The  fact  that  the  lumper  was  prominent  through¬ 
out  Ireland  meant  that  the  fungus  wiped  out  much 
of  the  Irish  potato  crops  not  only  in  1845  but  also  in 
1846  and  again  in  1848.This  was  the  setting  for  what 
we  now  call  the  Irish  Potato  Famine. 

One  final  point  about  the  Famine  —  politics  was 


also  a  factor.  Ireland  at  that  time  actually  grew  more 
than  enough  produce  to  feed  itself  but  there  was  no 
surplus  —  a  significant  percentage  of  Irish  crops 
were  earmarked  to  be  sold  in  England  at  a  price  the 
Irish  couldn’t  afford.  Catharina  Japikse  writing  about 
the  famine  in  a  1994  EPA  Journal  story  noted  that, 
“The  Irish  starved  not  for  lack  of  food,  but  for  lack  of 
food  they  could  afford.” 

I  bring  up  the  story  of  the  Irish  Potato  Famine  as  an 
example  of  the  dangers  of  monoculture:  Whenever 
you  have  a  large  population  with  a  low  variability 
there  is  the  opportunity  for  a  disease  to  run  rampant. 

And  what  have  we  got  today  in  the  computer 
world?  With  Windows  being  the  operating  system  on 
some  95%  of  all  PCs,  I  think  we  can  agree  that  the 
term  monoculture  applies. 

On  top  of  the  operating  system  monoculture  are 
huge  pockets  of  additional  monocultures  — 
Microsoft  Office  (and  notably  Outlook),  Microsoft 
Internet  Information  Server,  Microsoft  SQL  Server, 
Microsoft  Exchange  . .  .the  list  is  getting  pretty  long. 
We  have  unwittingly  set  ourselves  up  for  a  digital 
ecological  disaster. 

Already  we  see  disasters  that  we  can  attribute  to 
our  digital  monocultures: The  Melissa  virus  (March 
1999),  the  VBS/Loveletter  virus  (May  2000), the 
Slammer  worm  (January  2003),  the  SoBig  virus 
(August  2003),  the  Blaster  worm  (August  2003),  and 


the  MyDoom  virus  (January  2004). 

So  what  can  we  conclude?  First,  we  aren’t  going  to 
get  rid  of  the  monocultures  we  have.There’s  too 
much  invested  in  our  systems  for  any  kind  of  whole¬ 
sale  change.  Second,  we  should  consider  alternatives 
when  we  add  to  and  replace  equipment  —  we  need 
to  increase  diversity  The  increased  support  costs  will 
be  more  than  offset  by  the  improved  ability  to  over¬ 
come  problems  and  crises  in  what  will  become 
smaller  homogeneous  populations. 

Third,  we  need  to  improve  our  defensive  abilities. 
This  means  leaning  on  software  vendors  —  particu¬ 
larly  Microsoft  —  to  deliver  effective  security  mecha¬ 
nisms  and  patch  the  holes  that  exist,  and  we  need  to 
be  more  rigorous  about  what  products  we  adopt.  We 
also  need  to  invest  in  and  install  a  wider  array  of 
security  and  management  products. 

But  these  approaches  will  cost.They  will  cost  us 
not  only  money  but  also  time  because  quick  fixes 
are  rarely  a  safe  path.  In  addition,  our  improvements 
will  require  a  lot  more  planning  and  architecting 
than  we  have  traditionally  applied. 

The  fact  is  that  we  are  not  at  risk  for  lack  of  secur¬ 
ity  but  for  lack  of  security  we  have  been  willing  to 
afford. Time  to  start  spending. 

Thoughts  from  the  trenches  to  backspin@ 
gibbs.com. 
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By  Paul  McNamara 

This  is  madness  in  any  month 

With  identity  thieves,  virus  writers 
and  spammers  running  willy-nilly 

across  the  Web,  federal  prosecutors  nonetheless  have  decided  they  have  the 
time  and  taxpayer  dollars  to  prosecute  media  outlets  for  doing  nothing  more 
than  selling  advertising  to  online  gambling  sites. 

Never  mind  unconstitutional,  unwarranted  and  unfair:This  cockamamie 
scheme  is  dumber  —  and  has  no  more  chance  of  success  —  than  picking  a  No. 
16  seed  to  go  all  the  way  in  your  March  Madness  office  pool  (which  by  way  of 
this  government  reasoning  also  constitutes  a  criminal  enterprise). 

Quick  aside:  If  I  have  a  bias  here  it  isn’t  only  that  advertising  revenue  of  a  dif¬ 
ferent  sort  feeds  my  family.  My  bank  just  canceled  my  ATM/credit  card 
because  mine  was  among  thousands  of  Visa  account  numbers  stolen  from  BJ’s 
Wholesale  Club.  Not  only  did  I  discover  this  only  after  my  neighborhood  grocer 
rejected  the  card,  but  the  days  of  anxiety  between  learning  of  the  breach  and 
confirming  that  my  account  hadn’t  been  emptied  was  a  heck  of  a  lot  more  dis¬ 
concerting  than  the  thought  of  people  wagering  from  the  privacy  of  their  own 
Web  browsers. 

Federal  law  enforcement  doesn't  see  it  that  way. 

Let's  be  clear  on  the  overriding  principle  here:  Government  ought  not  be 
deciding  what  you  can  and  cannot  do  with  your  disposable  income,  so  gambling 
—  online  or  offline  —  should  be  legal,  regulated  and  taxed. 

But  the  applicable  case  law  is  anything  but  clear. 

Most  online  gambling  establishments  are  physically  located  —  to  the  extent 
that  location  can  be  defined  on  the  Internet  —  in  countries  whose  officials 
accept  the  futility  of  prohibition.  In  other  words,  these  businesses  are  legal 
where  they  sit,  and  not  even  the  most  vocal  anti-gambling  nags  delude  them¬ 
selves  into  believing  that  they  might  go  away. 


So  our  government's  strategy,  as  spelled  out  in  a  front-page  story  in  last 
Monday’s  New  York  Times,  takes  aim  at  the  ‘‘support  services"  behind  off¬ 
shore  online  gambling,  including  media  outlets  that  have  been  selling  ads  to 
these  legal  companies.  Because  no  federal  law  explicitly  outlaws  such  adver¬ 
tising  —  or  even  gambling  over  the  Internet,  for  that  matter  —  prosecutors  are 
leaning  on  an  untested  "aiding  and  abetting"  theory  that  one  might  normally 
associate  with  the  pursuit  of  gangsters.  While  charges  have  yet  to  be  filed, 
media  companies  have  had  records  subpoenaed  and  a  grand  jury  is  reportedly 
considering  the  government’s  “evidence.” 

A  few  companies  already  have  bowed  to  the  pressure  and  stopped  accepting 
the  ads,  although  at  least  two  Internet  heavyweights  — Yahoo  and  Google  — 
deserve  a  round  of  applause  for  refusing  to  cave. 

“All  you're  doing  is  taking  dollars  out  of  U.S.  businesses'  pockets  and  push¬ 
ing  it  offshore,”  says  Lawrence  Walters,  an  attorney  who  specializes  in  First 
Amendment  matters.  If  you’re  interested  in  the  nitty-gritty  of  the  legal  issues, 
check  out  the  primer  written  by  Walters,  which  you  can  access  through 
www.nwfusion.com,  DocFinder:  1244. 

But  you  don't  need  a  law  degree  to  realize  that  this  crusade  is  nuts. 

"I  don’t  think  the  public  is  behind  shutting  down  online  gambling,"  Walters 
says,  adding  that  he  fully  expects  media  companies  to  face  protracted  and 
expensive  legal  fights  as  a  result  of  the  campaign.  "People  are  going  to  be  hurt 
just  so  politicians  can  make  election-year  stump  speeches”  about  the  issue. 

And  let’s  not  ignore  the  slippery  slope  here,  which  brings  us  back  to  those 
office  pools.  Mine  is  hosted  by  CBS  SportsLine.com. At  the  risk  of  ratting  out 
my  fellow  conspirators,  I  must  tell  you  that  participants  in  these  pools  some¬ 
times  kick  a  buck  or  two  into  a  prize  pot  —  just  to  heighten  interest. 

Aiding  and  abetting  a  gambling  operation? 

Don’t  laugh. 

Bet  you  have  something  to  say.  The  address  is  buzz@nww.com. 
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The  NetVanta  3000  Series  from  ADTRAN. 
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Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 


Using  a  NetVanta  3000  router,  you  can  outfit  a  remote 
location  with  complete  T1  voice  and  data  communications 
for  50%  less  than  you're  accustomed  to  paying.  Loaded 
with  standard  features,  and  available  with  very  reasonably 
priced  options,  the  NetVanta  3000  Series  is  everything  you 
need  in  a  router  and  more.  Lower  price  isn’t  the  result  of 
cutting  corners — it’s  the  result  of  smart  engineering. 
Engineering  that’s  backed  by  a  J  00%  satisfaction  guarantee 
from  ADTRAN,  including  unlimited  telephone  technical 
support  (before  and  after  the  sale),  free  ADTRAN  OS  updates, 
and  a  full  five-year  warranty.  Try  a  NetVanta  3000  router  today. 
And  start  getting  more  out  of  your  router  dollar. 

Why  pay  more? 


Take  the  CLI  Challenge!  Receive  a  free  T-Shirt! 
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Foundry  is  the  1 0-Gigabit  Ethernet  leader.  We  were  first  in  the  market  in  October  2001, 
and  we  continue  to  dominate  lOCbE  market  share.  Why?  Because  we  offer  a  complete  high 
performance  solution  from  wiring  closet,  server  farm,  to  backbone.  Our  solutions  are  easy  to  deploy, 
and  future  proof:  our  modular  switches  are  1  OGbE  ready  without  a  forklift  upgrade. They’re  com¬ 
prehensive:  supporting  standard-based  replaceable  lOGbE  optics  with  distance  up  to  40  km. They  add 
value  beyond  bandwidth:  our  JetScope'VsFlow  technology  allows  you  to  monitor  network  traffic, 
on  every  port,  without  performance  degradations.  And  they  are  proven  in  real-world  networks: 
University  of  Southern  California, Walter  Reed  U.S.Army  Medical  Center,  London  and  Amsterdam 
Internet  Exchanges, as  well  as  NTT/ Verio. Want  to  experience  10-Gigabit  Ethernet?  Follow  the  leader. 
Contact  Foundry  today  at  1 .888.TURBOLAN  or  wWw.foundrynetworks.com/10GbE 
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